Vendor Management

Top Answer:

Top Answer: Depends on what it is!

Top Answer: I want to understand your how your product / service works techncialy, what is your company strategy and most importantly skip the marketing terms/hot topics. At the end of the day I want to know if you are a fit within my technology roadmap and how specifically that can work.

Top Answer: Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

Top Answer: See https://www.channele2e.com/channel-partners/csps/cloud-market-share-2020-amazon-aws-microsoft-azure-google-ibm/

Are IT leaders turning to SaaS Management Platforms to track SaaS usage and spend across the organization?

Top Answer:

Top Answer: Switches have been affected a lot by supply chain issues. I am currently seeing 6-12 months wait times on some vendors. A whole series is not available, and sometimes you need to move to a more expensive model to get something sooner. Some firewall models have been affected as well for us. I manage this by working with multiple vendors (always have preferred and backup vendors) and keeping open communication about what we need with the vendor reps. We have equipment that we regularly order every few weeks, so we keep communication open with the vendor reps/account managers. Often they provide us with a heads up about local quantities available, what models are low and will likely have issues with stock in the near future. Be ready to be flexible. For example, when I am building new storage or HCI solution, I don't ask for Vendor A only on the switching side but ask about what is the ETA of each switch vendor and then adjust the design/specs accordingly to what is available. Sometimes buying from a different location (country) gets the equipment faster, so if you do have offices in multiple countries, check local availability as well. Add extra planning time. I try to add additional six months to my standard planning/order time. We have multiple stocking locations spread across the continent, so we often order a lot of inventory and stock it to have what we need.

Top Answer: There is no right answer here; well, the right answer is  "it depends" :) From a security standpoint, it's best to have multiple vendors and multiple firewalls in this case. If there is a zero-day vulnerability in a firewall from Vendor 1, then the Firewall from Vendor 2 will likely not be affected. Now, having multi-vendor firewalls is more challenging from support and employee training. It is easier to get your team trained on supporting one firewall vendor and keeping up with all new features than training on multiple firewall products. I have been on both ends of the fence, and it's way easier from a management/organizational side to deal with one vendor/product, but it doesn't mean it's the best approach.  Cost is likely increased in multiple vendor strategies. Let's say you need to buy 1000 firewalls. If you buy them from one vendor, your purchasing power is higher, so you can negotiate better pricing vs buying 250 firewalls from 4 different vendors. In the case above, if you need to purchase firewall management software to manage all the policies remotely, firmware updates etc., very likely, having one management product to manage 1000 firewalls will be cheaper than four different vendor management products.  If you are an MSP, then it makes sense to have a multi-vendor strategy to offer an entry-level firewall, mid-range firewall, and enterprise-level depending on the client. They can all be from different vendors, and the differentiator here is the price, support, features etc. Again, it's hard to tell what is better without knowing much about your use case and environment. 

Connecting your ERP to global banks can be a headache. This Pulse survey of 100 IT leaders sheds light on how technology can simplify the process.

Top Answer: Sometimes companies have a third-party assessment organization that is responsible for managing its vendor relationships. Somewhere along the way, there could be a finding against that third party for their own failures. And there would likely be a contract penalty or clause that needs to be exercised in order to put them back in good graces. I'm not very knowledgeable about how those third-party assessment programs work. There are a lot of challenges with third parties because, how do you trust, but verify what a third party says to you about the security of their environment and the processes that they use? They can tell you that they patch, monitor and respond but there's a point where you can't verify that without being onsite, or on their network. 

How many SaaS vendors meet their customers' security and compliance requirements today? 100 CIOs share their experience.

Top Answer: Plenty of coffee dates. :) But on a more serious note you as a CISO need to know what you need and vendors need to have patience and understanding that not all technologies are relevant or needed for a particular organization. Pitching all the products your company offers doesn't make a lot of sense most of the time because there might be overlapping technologies in use and worst case scenario you end up looking desperate as a vendor if you pitch too many things. 

Top Answer: Teams recently went 3x3 (vs 7x7) which helped tremendously. Microsoft has announced 40+ in the future. Teams was already an alternative to Zoom as it was essentially 'free' with our O365 subscription.

Top Answer: We mostly depend on recommendations as well as some testing by our team members here. Even if it's a question of which ISP to go ahead with, we’ll have communication with 2 to 3 different providers. We make sure that our developers actually test a few of those services before we go ahead with one of them. 

Top Answer: No plan to migrate soon.

Top Answer: