Buying products with the most bells and whistles

Don’t buy based on features you’ll never use, focus on the core problem that you’re trying to fix . . .

The market for information-security products is huge today, with vendors competing hard for your IT dollars. The problem is that amid all the hype and all the competing products, customers frequently lose sight of the real goal: managing risk and protecting data.

I participate in company briefings and product demonstrations all the time, and I see the focus shifting from core functionality to the sexy bells and whistles. I like colorful graphs and geeked-out features as much as the next person, but the core functionality should be the top priority in any product selection.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Click to see:

The market for information-security products is huge today, with vendors competing hard for your IT dollars. The problem is that amid all the hype and all the competing products, customers frequently lose sight of the real goal: managing risk and protecting data.

I participate in company briefings and product demonstrations all the time, and I see the focus shifting from core functionality to the sexy bells and whistles. I like colorful graphs and geeked-out features as much as the next person, but the core functionality should be the top priority in any product selection.

Frequently, I see companies select products based strictly on user interface, reporting and promises of future functionality. Of course, none of this matters if you are purchasing a product that does not fit in your environment or doesn’t function as promised. Reports are critical for most security-related products, but a product with pretty reports and useless data is useless.

Just another pretty face

For example, I spoke with executives at a company that had recently purchased a security configuration-management tool and was complaining that it wasn’t working for them. The tool wasn’t providing the information and functionality they really needed to accomplish the job.

I asked how they arrived at their purchase decision and found they went with the best-looking dashboard, even though they never use this component of the product. They have daily reports e-mailed to them, ready for review first thing in the morning.

In the end, they purchased a product with the best-looking dashboard and excellent-looking reports, but functionality that did not work in their company, because it did not support the method they needed to use to communicate with all their servers. It also could not create all the reports they were looking for.