Selling Security Day Two: IPS and security agents

In part two of our series on how to justify security spending to your boss, Patrick Gray looks at how to sell endpoint security and intrusion detection systems.

So you want to acquire new endpoint security and intrusion detection systems but the boss won't write the cheque?

We asked Rob Blanco, McAfee's Client Relationship Executive for enterprise customers, to tell us how he sells IPS and endpoint security solutions to management. His first response, when asked to outline his basic pitch, is a tad softball: "We explain how our solutions help customers do more and better than before. We discuss with customers how confidence in security posture will allow greater versatility for the business to adopt technology that makes them more competitive," he says.

But Blanco was just warming up. He comes up with a compelling case for using IPS and endpoint security software based on clawing back network resources from malware. And let's face it: if you're not using IPS or some form of endpoint security solution or endpoint AV, you've probably got a lot of malware on your network. "For network IPS, the most measurable payback, outside downtime and recovery expenses saved, is reducing capital and operational spend associated with network infrastructure availability costs," Blanco explains.

That infrastructure spend reduction comes from saved bandwidth. Enterprise network bandwidth requirements are still increasing, Blanco says, due to increasingly centralised storage and the popularity of sophisticated CRM solutions. Blanco says the enterprise can reclaim and reallocate 5-15 percent of network resources from unwanted and malicious traffic.

Blanco argues that malware inside a large corporate network degrades the network by generating malicious broadcast traffic from the friendly side of the firewall.

As for endpoint security, "the most measurable payback is reducing operational spends attributed to managing devices. The more versatile the user's operating options, the greater the payback," Blanco says.

Helpdesk calls due to malware infections fall and productivity goes up due to increased reliability of endpoints. How much does it cost your organisation when a staffer is unable to work while their PC is rebuilt after a malware attack?

But don't overdo it, Blanco warns. Overstating the risk trade-off is a bad strategy for selling endpoint security and IPS. You don't want to seem like a FUD peddler. Don't suggest that the solution is a one-time fix, either. It will require ongoing budget to continue improving and tuning the system.

Above all, make sure you measure and report results to the business for continued success, and make sure you relate the pitch for the system's purchase to broader corporate objectives.

If your boss says you already have strong security, Blanco has a pearler of a come-back. "Only if it was recently validated independently as it relates to the organisation's governance and associated regulatory requirements."

In other words, if your boss says your company is secure, ask them how they know.

Tomorrow: Authentication systems.
