Try our new research platform with insights from 80,000+ expert users
2021-08-12T03:37:00Z

Tips for Selecting a New ITSM Tool

Shibu Babuchandran - PeerSpot reviewer
  • 31
Published:Aug 12, 2021
Search for a product comparison in Enterprise Asset Management (EAM)
PeerSpot user
0
PeerSpot user
Find out what your peers are saying about IBM, IFS, Infor and others in Enterprise Asset Management (EAM). Updated: October 2024.
815,791 professionals have used our research since 2012.
Related Questions
NP
Sep 13, 2023
Sep 13, 2023
Hello peers, I am a General Manager at a large healthcare company. I am researching EAM tools. There are several tools in the market but there aren't any really good ones for importing data. Which EAM tool are you using? What are the pros and cons of that tool? Thank you.
See 1 answer
it_user2268669 - PeerSpot reviewer
Sep 13, 2023
Here are some of the EAM tools people use and their pros and cons: IBM Maximo is a comprehensive EAM solution for managing assets, maintenance, and operations. It may be a good choice for large organizations with complex assets. Pros: Wide range of features Scalable and flexible Strong integration with other IBM products Cons: Can be complex to implement and manage Some say it is expensive SAP EAM is cloud-based and can be used to manage assets, operations, and maintenance. It may be suitable for organizations that want a scalable and flexible solution. Pros: Has comprehensive reporting capabilities that can help you track and analyze your assets Scalable and flexible Strong integration with other SAP products Cons: It is reported that the cost of SAP EAM can be high Not as many features as some other EAM solutions Oracle Asset Management is a comprehensive asset management solution that helps organizations manage their assets across their lifecycle, from procurement to disposal. It provides a single view of assets, their condition, and their performance and allows organizations to optimize their asset utilization, reduce costs, and improve compliance. Pros: Comprehensive and customizable EAM solution Supports a variety of data import formats Robust reporting capabilities Cons: Some find it expensive Can be complex and requires significant resources to implement and maintain If you are looking for an easy-to-use EAM tool with a built-in data import wizard, then SAP EAM or IBM Maximo may be a good choice. If you are looking for an EAM tool that supports various data import formats and allows you to customize the data import process, then Oracle Asset Management may be a good choice.
EB
Jun 21, 2023
Jun 21, 2023
@Shibu Babuchandran ​and others' answers are awesome! I just wanted to add this relevant short video that simplifies the cost of bringing the SOC in house compared with SOC-as-a-Service. https://www.netsurion.com/vide...
2 out of 14 answers
Shibu Babuchandran - PeerSpot reviewer
Oct 31, 2021
Hello, Below there are views on the pros and cons of Internal SOC and SOC-as-a-Service. Pros and cons of outsourced SOC: Outsourcing pros Trained personnel. The MSSP has experienced personnel immediately available, saving the organization the time and expense of hiring and training the dedicated people needed to do the analysis. Infrastructure. The MSSP also already has the facilities and tools required to do the job, saving more time and the upfront expense of building out an internal SOC. Continuous threat monitoring. MSSPs should provide SIEM capabilities that filter false alerts so forensics are only conducted on legitimate threats. This type of proactive, continuous threat hunting and monitoring may be difficult for a company's cybersecurity team to conduct on its own. Intelligent analysis. Outsourcing cybersecurity operations can provide security analysis capabilities while an organization builds its own in-house SOC. Outsourcing cons How much analysis is the MSSP going to provide? Outsourcing the cybersecurity operations function does not usually provide features such as multi-tier analysis of alerts or an incident response service. Instead, many outsourced cybersecurity operations only provide the equivalent of a Level 1 cybersecurity operations analysis. What happens to alerts that the MSSP cannot clear? The MSSP may only be able to analyze a subset of alert logs generated by an organization. Alerts from applications like databases and web applications may be outside of its area of expertise. If the MSSP is also a tools or hardware vendor, it may only be able to analyze logs from its own products. Who is going to provide a detailed analysis of potential threats? An organization still needs some internal analysis capabilities to deal with the smaller number of alerts that cannot be easily cleared by the MSSP and thus returned to the client. Does the MSSP provide compliance management? The SOC must operate in compliance with regulations and standards that the company must conform with. The MSSP should provide templates for required and recommended compliance processes and consider regulatory standards when developing vulnerability assessments for the company. For some organizations, complete and permanent outsourcing of cybersecurity operations is a desirable option. This is a reasonable approach for governmental organizations, in particular, where obtaining, training and managing people and facilities, as well as predicting cost-effectiveness, are preferably handled under a services contract rather than in-house. Governmental organizations may also have significant compliance obligations regarding cybersecurity where it may be convenient to transfer regulatory mandates to a contractor. In-house cybersecurity operations center Building an in-house cybersecurity operations center provides the greatest degree of control over cybersecurity operations and the best opportunity to get exactly the services that an organization needs. Building an in-house cybersecurity operations center can also provide the foundation for building future comprehensive cybersecurity services, including vulnerability management, incident response services, external and internal threat management services, and threat hunting. Compared to outsourcing the cybersecurity operations function, building in-house capability has the following pros and cons. Pros and cons of internal SOC In-house pros Tailors the operation to meet demands. Design the security operations and monitoring capabilities that best meet the organization's requirements. Tracks capabilities that are stored on-site. Storing event log data internally lessens the risks that come with the external data transfer required to report security incidents. Improves communication. Breach transparency and coordinating incident response are typically much easier and faster when the processes are conducted in-house. Builds a unified security strategy. An in-house cybersecurity operations center can be the foundation for comprehensive security, threat and incident response capability. In-house cons Planning and implementation. The time required to get an in-house cybersecurity operations center up and running can easily be a year and is likely longer. CISOs and other security personnel will face a significant time investment in planning and implementing the SOC. Costs. Establishing an in-house SOC requires a significant budget, with upfront IT and personnel investment. Finding appropriate personnel. Hiring people who have the right skills, training and experience or developing and training existing in-house staff can be time-consuming and expensive. Acquiring multiple security technologies. Continuous threat detection and compliance monitoring across several departments likely will require purchasing several AI-driven security tools. This may be out of reach for security departments budget-wise, especially in smaller organizations. As with many cybersecurity decisions, the right approach for many organizations is to find the correct balance between managing the cybersecurity operations function in-house and outsourcing it to an MSSP. One reasonable option -- particularly for companies that intend to build an internal cybersecurity operations function -- is to take advantage of the speed that outsourcing provides while the organization builds its own cybersecurity operations. Outsourcing can provide at least some of the cybersecurity services needed today, and the organization can take advantage of the trained, experienced staff that an MSSP has at its disposal while building the services that it wants to provide on its own. When Should you Consider SOC as a service? There are many reasons why your business could benefit from a SOC as a service company: Having your own SOC is expensive: If you’re a small business owner, keeping your SOC in-house may be too expensive, as it can cost a lot to hire security specialists. Not only this, but you’ll also have to increase your office space to cater to them, which can take even more of a toll on your budget. Most SOC as a service companies offer 24/7 monitoring: Having an in-house SOC will only benefit you so much, as you can’t have your security specialists monitoring your systems for 24 hours a day (unless you pay them a lot to do so). Most SOC as a service companies offer 24/7 monitoring to their clients, so you’ll always be protected from cyber threats. They offer state-of-the-art protection: SOC as service companies offer the most up-to-date cybersecurity protection, and it’s likely that you will have a higher level of security if you outsource your SOC. It’s a lot easier for hackers to get into your systems if they are self-contained, and you are a lot more at risk if you decide to keep your security in the office. The security engineers are highly skilled: You could hire some security specialists in-house, but the likelihood is that they aren’t as highly skilled as those in SOC as a service companies, who deal with current threats on a daily basis. By going through SOC as a service companies, you can get access to these specialists, without paying the premium costs that you’d have to fork out if you were going to hire them directly. It offers you a good balance of human and tech support: Not only do SOC as a service companies offer the best technology that you can get when it comes to detecting issues, but they also have skilled people on hand to identify any potential issues, too. These companies offer a good balance between the two types of cybersecurity protection, for any type of business. They offer training to your members of staff: These SOC as service companies also can take the time to educate your staff members, so that they can identify any issues, and react appropriately. This means that you’ll have people on hand who can notice problems immediately. Peace of mind: When you outsource to a SOC as a service company, you can rest easy knowing that your cybersecurity is being looked after by expert analysts who know exactly what they’re doing. Having in-house cybersecurity has the tendency to be more unreliable, and it’s difficult to know that you’re hiring the right people for your business's needs. Regular reports: Some of these companies will send you regular reports on the status of your services (even hourly reports, in some cases) so that you are always up-to-date with the status of your cybersecurity. Flexibility: Some SOC as a service companies offer full support to your business and its cybersecurity needs, whereas others take a bit more of a backseat when it comes to your SOC. You can choose the level of support that you require, and tailor your SOC as a service plan to your budget, and your needs as a company. A SOC is something that could secure any organization and provide immense value, whether you decide to manage your cybersecurity in-house, or with an external SOC as a service company. However, SOC as a service companies offer an array of extra benefits for the business owner… if you partner with the right company.
AO
Nov 1, 2021
If you would like to operationalize the cost of running an SOC, you may go for SOC as a Service. It is also save to assume that the Cloud Service Provider of SOC as a service has specialized skills that you ordinarily would not have. The SOC as a service operator is able to have these specialized skill because they serve several customers and so the are able to distribute the cost of ownership across all customers. Understand that you would cede some level of governance to the SOC-as-a-service operator. For example assessment or audit, you may have to rely on third party assessment or audit report.
Download Free Report
Download our free Enterprise Asset Management (EAM) Report and find out what your peers are saying about IBM, IFS, Infor, and more! Updated: October 2024.
DOWNLOAD NOW
815,791 professionals have used our research since 2012.