cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dcontesti
Community Champion

Microsoft's E5 Licensing Strategy

Interesting article regarding Microsoft's E5 Licencing.  This article highlights some of the pitfalls of not including Security in discussions on purchasing tools.

 

https://www.linkedin.com/pulse/microsofts-e5-licensing-strategy-trojan-horse-teams-jt-mcfarlin-norbc...

 

Thoughts?

 

d

 

 

3 Replies
Early_Adopter
Community Champion

No one like being strong armed financially onto a tool. There are some good points in the article, but Microsoft’s evolving livening story is worth a thesis in of itself.

For me the bottom line is when you don’t have good alternatives they’ll Jack the price up.
JoePete
Advocate I

Some of the caution not only makes sense but applies to Microsoft historically, not just under E5 licensing. One of the issues with the Microsoft ecosystem is not that it is too hard or impossible to do things the right way; it's just that it is much easier to do things the wrong way. The author's point about separation of duties for example -  how often do we find an email administrator is some assistant/secretary in a business unit.

 

But I'm not sure the author offers a full solution. Suggesting that companies need to incorporate the "security team" in decision making, assumes you have such a team and they carry enough weight to undo the proposal with originated with a member of senior management of even the board. It's not a matter of getting the "security people" in the room. It's a matter of getting the people in the room to think of these things as part of the process. These are not complex concepts (separation of duties, compatibility, scalability, training). Security isn't being integrated into decision making because it is not being integrated into culture and leadership of companies. That's not happening because it isn't showing up in education. Someone can go from kindergarten through business school without ever being taught good computing habits. So when they get into decision making roles, they go with what they know or their gut - and that's usually some Microsoft solution that has a lot of gaps at the operational level - do you even have the right people and jobs to run this ecosystem?

dcontesti
Community Champion

@JoePete OM  you must have worked for my last supervisor.  He was always coming up with innovative ways of NOT hiring skilled people and yes he did get some of the admin staff to take one things like Account Admin.....I wonder why I left LOL

 

As to M$, I agree it is so easy to implement wrong or pray that there are not bugs in it when they deploy....

 

JoePete wrote:

 

But I'm not sure the author offers a full solution. Suggesting that companies need to incorporate the "security team" in decision making, assumes you have such a team and they carry enough weight to undo the proposal with originated with a member of senior management of even the board. It's not a matter of getting the "security people" in the room. It's a matter of getting the people in the room to think of these things as part of the process.

 

So very true.