Time
2 hours 35 minutes
Difficulty
Advanced
CEU/CPE
3

Video Transcription

00:00
All right. Welcome to lessen for dot To we're gonna be talking about consolidating products.
00:06
All right, so we're learning objectives for this lesson. We're gonna be talking about a couple different scenarios. I wanted to give some scenarios that we can actually talk about, you know, problems that are out there and how we can kind of fix them as we go along. So we're gonna talk about a larger organization, lots of different departments, lots of requirements
00:23
on. Then we're gonna talk about it. Maybe a smaller organization, but maybe they're growing quickly.
00:28
So how are we gonna address those challenges and then considerations when we're talking about consolidating software and hardware? Some of those implications when we're talking about vulnerability management.
00:40
All right, so scenario one
00:42
business say so. We've got huge organizations, and they've got a lot of smaller departments, smaller organizations that are under that umbrella off the larger organization. So each department they want their own financial on time keeping software. They're just They have their own requirements, their own groups.
01:00
They need their own software for their requirements.
01:03
Um, so you've got department heads. They can't agree on one solution. They're like, Hey, No, I need this for this reason, you know, and I have my own funding. Um
01:11
uh, and I'm gonna buy the software because I have my own funding, and I don't have to worry about you guys. I don't I don't. You know, you guys could do whatever you want. I need this for my for my piece of the organization.
01:23
So what you gonna dio?
01:26
You know, I think this is really where executive management can kind of come in and say, Yeah, you have your own funding. Yes. You're your own, you know, organization. You have your own requirements, but we need to round table this and figure out how we can consolidate toe one product. Or maybe if we can't do want to be at least two,
01:42
you can't all have your own software that our whole infrastructure, we gotta upgrade all the time. And,
01:48
you know, it adds complexity. The environment that we really don't need. Ah, lot of financial software out there you could use, you know, could really meet all the objectives. It may just be. Maybe one department doesn't know about another product. Or maybe they didn't know another department was using this other thing, and they could just add their licensing to it. So
02:06
it's really about starting that conversation between department heads or,
02:09
you know, really the leadership in the organization to say, Hold up, guys, let's talk about this before we spend our money. I know you have your in charge your funding, but let's get together and talk about if we can consolidate this, you know that may or may not work, but it's always good to at least try, especially from an executive leadership standpoint, you know, understanding that.
02:28
Listen, I don't want to add undo complexity to my environment if I don't need Teoh.
02:35
Okay, so scenario to business be
02:37
eso We're gonna talk about a smaller organization growing fast. They've got lots of new customers. Uh, and they've got people who are performing lots of different job functions, you know, they're still small. They're still growing, so they've got people who might be doing. You know, maybe you've got your help desk person who's also your security analyst. Maybe you've got,
02:57
um,
02:58
an I T and security manager. Maybe they're doing both or trying toe, you know, trying to do both. See, Really, They don't have enough people to have a full security team. Maybe they have one security analyst, Um, so
03:10
they need to use open source free tools because the company's growing. Maybe we're not budgeting for that yet. So what do you do? How do you handle this?
03:20
I think it's important, especially from an executive leadership standpoint, to try to understand that these risks
03:29
that they're happening, that they can occur with trying to figure out.
03:34
Well, maybe I do need to, you know, maybe I do need to hire a full time security person. Maybe we're getting to that point where we have a lot of new customers and, yes, we need to support them. But we've got to spend the money. We've got to get a security person in here or maybe hiring a sock.
03:50
You know, maybe you can. You can hire a company to be your sock for you if you just you can't have him on site.
03:55
There's a lot of really great services out there that can help you improve your security and make sure that you're aware of what's going on as your company is growing quickly. Eso again. It's that
04:05
opening that dialogue and being okay to spend the money and say, You know what? We do need to have a sock. It's really important because if our customers data is compromised, will lose the business and that would be a big deal. So let's spend the money on security.
04:20
All right, So software applications
04:23
we discussed a little bit about this and why this continues to go through this whole thing whole course. Because if we don't know what we have, how can we secure it? How can we figure out what we have to dio? Um, so understanding what we have and then are we actually using it?
04:41
You may be someone has this application stall, but
04:44
maybe they have additional requirements. Maybe we can get rid of this end of life software and say, you what? There's new software out there that we can use that would better suit your needs. Ah, while also improving security for the infrastructure.
04:55
Uh, and then really addressing What's that process for purchasing new software
05:00
again in that bigger organization scenario? Do they have a bunch of people that just by software they could buy whatever they want? So maybe trying to wrangle that a little bit figuring out what we can dio uh, Teoh consolidate all of those new products.
05:15
AnAnd Legacy Software lets research Let's figure out why we still have it, what were using
05:20
and if we can add it to our next text. Retek re fresh on. If we can't, then let's figure out how to secure it. But, you know, maybe we can find a way we can add it to our next tech refresh
05:31
hardware.
05:32
Again, What do you have? There is plenty of times I've seen, you know, hardware sitting in racks that's not turned on and Santi commission and nobody's doing anything with it. Or maybe there's a server that's turned on, but it's not actually being used to. Maybe we can d comment eso Let's maybe consider some virtualization weaken virtualized desktops or our servers. Or maybe both,
05:53
um, that might help cut down on the amount of different types of hardware that we have
05:58
in reduced cost. You know, as we after we've integrated this project zero clients versus Towers Laptops. It's again with virtual izing desktops. They come with a lot less risk. Their zero clients. There's nothing on him. They're just used to access the virtual desktops. So you know, that could be a really great alternative where I'm not having to worry about patching.
06:16
You know, 1000
06:17
towers. I can just patch one image for beady eye are virtual desktop
06:24
and the cloud. It can be a great option. Um, I think that there's a lot to be said for looking at hybrid solutions. Maybe keeping some stuff on Prem and then keeping some stuff in the cloud may be having Diar hardware in case something maybe a cloud site goes down or something like that. You can. You can kind of use a hybrid solution
06:43
so you can add cloud to the mix to potentially save on costs as well as improved security. A song is your securing your deployments in the cloud?
06:53
So today we talked about two different scenarios to different businesses, where we might want to talk about product consolidation on and how to align our teams and improve vulnerability management practices.
07:03
How to effectively use software and applications on how to consolidate hardware and improve security overall in the organization.
07:14
And that's it for this lesson. I'll see you on the next one

Up Next

Executive Vulnerability Management

This course covers vulnerability management from an Executive Leadership level, and to help Executive Leadership understand the challenges of implementing a vulnerability management program, including implications if it is not set up properly.

Instructed By

Instructor Profile Image
Nikki Robinson
Cyber Engineer
Instructor