The phrase “You can’t have your cake and eat it too” is an English proverb that’s been a popular saying in one form or another for almost 500 years. It means “You cannot keep your cake, if you want to eat your cake” – in other words, once you have eaten your cake, it is gone. This same concept applies to organisations who want to balance opposing, but related quantitative variables. You cannot keep your costs low (having the cake) if you make investments (eat the cake) to increase productivity and IT security. The below diagram helps illustrate this concept.
The image shows the balancing act a business may be forced to deal with when considering the productivity, security and costs associated with an end user computing strategy. To put it simply – you have three options, but you can only pick two:
These statements round out a general truth in the traditional IT world. Multiple disjointed technologies were used to secure and manage environments across device management, firewalls, antivirus and malware protection, group policy, identity management, 802.1x etc.
Productivity was disparate with different collaboration tools, file shares, local drives, servers, cloud storage, VPN’s, productivity applications, etc. And of course, all these technologies came with their independent associated costs, renewal fees, support costs and what’s worse – most of them did not talk to each other. For example, the tailored identity management system was not aware of the device health status the identity was being used on.
The resulting complexity became the enemy of security, interrupted productivity, and cost a fortune. To give you an indication of the complexity, 78% of today’s IT teams use over 50 different point products to keep their environments secure. 37% tap into 100 or more tools.1 This patchwork approach to security is expensive, so there tended to be an ethos of “sweating the assets” and milking them for all they were worth. This led to systems hanging around past their used-by date and becoming a burden on agility, progress and ironically security itself. Simplicity is the ultimate sophistication when it comes to cybersecurity.
If we look at a hypothetical example with all three variables under consideration with a bias towards productivity, the balance of the radar chart might look something like this.
While many of us enjoy fixed costs in our daily lives with Netflix subscriptions, motor vehicle lease costs, internet, rent and loan repayments, organisations also like fixed costs because they guarantee a finite expenditure for a given outcome. Cloud adoption is popular because the upfront fixed monthly cost of a service is known. IT projects that are fixed price are more favourable than projects delivered as time and materials. Agreements with known quantities of purchase and sales are easier to negotiate. Known fixed costs allow for better budget forecasting, better transparency, more accountability, and overall better management.
Also, once the cost is known (and fixed), it is no longer a “quantitative variable”, but becomes a “quantitative constant”.
And that is what Microsoft 365 E5 licensing enables for an organisation. It allows the jumbled mess of disparate security, management, and productivity systems to consolidate into a single cohesive solution for a fixed per-user monthly price. In other words… have your cake and eat it too!
Why am I talking about M365 E5 and not E3? The reason is because E5 is where all the security is, and security is what we need to flesh out that “Risk Mitigation” corner of the triangle. We all know about Office 365 and the productivity apps that are included (Teams, SharePoint, Exchange, OneDrive for Business, PowerBI, Stream, Sway, Yammer, the list goes on…) but security is what makes that productivity possible, in an environment that can be trusted.
With an E5 license you have access to the following:
The list above is just the icing on the cake, Microsoft 365 E5 is a layered trifle of security and productivity benefits. I have not even touched on the insights and telemetry you can see in the back end when these products connect and talk to each other. In under 60 seconds you can connect Cloud App Security to Office 365 and Azure Active Directory to start getting a bigger picture of what is going on. The wealth of insights you can achieve by connecting the products is incredible. I could keep going – but this blog post needs to wrap up.
My point is when you control the cost, and if you control the cost using Microsoft 365 E5, that radar chart starts to look a lot more like this:
Your three quantitative variables become a quantitative constant (the cost) and two variables (risk and productivity). And the two variables are up to you on how much you implement and deploy. You can consolidate your multiple product sets into a cohesive integrated solution. You reduce costs, administrative effort, boost security, enhance productivity, and get a better return on investment.
Take a moment to reflect on your own organisation’s IT setup and how you balance the variables of cost, productivity and security. Are you making things complicated (and expensive) for yourself by having disjointed products doing different things? Could you consolidate down to a single, simpler licensing model and still get the same capability? You might find you actually get more capability. Or could you get 90% of the capability with far less costs – and if so, is the missing 10% really that critical?
It’s worth thinking about. Or reach out to myself or your Data#3 account manager and we’ll be happy to talk about balancing your businesses variables, so you can have the cake and eat it too.
Tags: Cybersecurity, Device Management, Microsoft, Microsoft 365, Microsoft Azure, Microsoft Azure Active Directory, Productivity, Risk Mitigation