Reflections from Microsoft TechEd 2014

As the thousands of attendees prepared to return to their lives last Thursday afternoon I sat in the expo hall, reflecting on what we learned from the week in downtown Houston. 

First, Microsoft unleashed a flurry of new features for Microsoft Azure on Monday. These features ranged from direct connection between on-premises and Microsoft Azure environments to new embedded security features. It’s clear that Microsoft sees the future of networks, applications, and computing lay in the cloud and are making sure Microsoft Azure is ready. While it may be years before we see an onslaught of Fortune 100 companies moving their datacenters and application stack to the cloud the indicators are clear. The future of IT infrastructure is in the cloud whether we are ready or not.

Second, in some ways I feel sorry for today’s IT decision makers. As I scanned the expo hall I saw numerous security companies offering security solutions touting similar, if not the exact same benefits. The key to separating the wheat from the chaff for today’s IT decision makers is asking the right questions. Since most attendees will start getting barraged by vendors in the coming weeks here are a few questions they should consider when that vendor who gave them that cool t-shirt calls:

  1. What makes your solution different than everyone else? Be wary if the person on the other end of the phone cannot give you a crisp answer to this question. While you may be looking at a security technology that is commoditized any vendor with a clear vision of the market and where their solution fits should be able to answer this question.
  2. How does your solution work with cloud environments? Any vendor that hasn’t thought about a cloud strategy at this point is well behind.  Their product may not be suited for the cloud, and in some corner cases that might be ok. But for the majority of us with environments that are shifting to the cloud we need security solutions that can handle both on-premises and cloud environments in the same way.
  3. How much training is needed to be a proficient user of your solution? Anyone who has worked in IT knows that the best product in the world is about as useful as a cinder block without proper training. In some cases requiring a significant amount of training may be acceptable but if you are not in a position to make that investment it would be a wise decision to look at alternative solutions. Many a SIEM has died on the vine due to lack of skilled, trained resources to manage and use it.
  4. How do you handle security content updates to your solution? Threats are appearing all the time. The key to an effective security solution is the ability to incorporate fresh threat intelligence into your solution with as little lag time as possible. If the vendor cannot provide you near real time updates of threat intelligence feeds how can they possibly protect you from the latest attack vectors? They cannot. If they expect you to manage the update of this data you might want to reconsider your vendor selection.
  5. Do you offer a fully managed option? If you have a Security Operations Center with a staff of security ninjas congratulations, you can skip this question. For everyone else who struggles to find talented resources on tight budgets read on. As an IT leader it is your responsibility to make the most out of your resources. If you have little to no in-house security expertise you should consider offloading the burden of day-to day security monitoring to a trusted, proven vendor. Vendors who offer a SOC bring years of security experience to your team overnight. If the vendor doesn’t have a SOC or directs you to a laundry list of MSSPs you are still going to be faced with a tough decision. Ideally you want a vendor who not only develops the security solution but also can manage it for you.

Those are just a few questions attendees should think about when those calls and emails start coming in, and believe me they will.

Finally, what is apparent to me is that while Microsoft is investing in next generation cloud environments and vendors are messaging cloud, many people in charge of running security for companies, both large and small, are still trying to figure how to prepare their organizations for the move to the cloud. The fact of the matter is that security solutions purchased to handle your on-premises environment may not be suitable for the cloud. While you may think ditching an expensive on-premises product in favor of a lean, cloud based solution that can cover physical and cloud environments could strike a blow to your organizations bottom line, the reality is staying with a solution not fit for purpose could cause you more headaches in the future.

Microsoft TechEd is clearly a place to learn about the latest and greatest technology available for your environment. I am very impressed with the quality of the conference and in manner in which Microsoft took care of the attendees and exhibitors. I look forward to seeing how the conference continues to grow and change as more organizations embrace the cloud.