Secure your small business:
Apps → Data →

How Many Vendors Are Represented In Your Environments?

Too many suppliers or vendors can mean high costs, poor maintainability, and poor usability—generally the opposite of what was intended.

Our Critical Services team routinely encounters environments populated by multiple products from multiple vendors and multiple VARs or suppliers. In some cases, we encounter networks built with equipment from a large number of major equipment brands, or software stacks in which each piece is supplied by a different reseller.

Most of the time, we encourage these customers to radically simplify their environment and procurement—moving to a smaller number of solutions or vendors, and a smaller number of suppliers. Here’s why.

Environment Robustness and Security

Networks and environments combining hardware and software from a large number of vendors are often fragile, difficult to maintain, and difficult to secure. There are a number of reasons for this:

Unnecessary complexity is an enemy to efficiency, interoperability, and security.© Alain Lacroix / Dreamstime
  • Multiplied work and required knowledge. Each additional vendor solution tends to add its own configuration, update, and specialized knowledge needs, and its own best practices. Multiple solutions often means multiplied work, training, and learning requirements.

  • Poor interoperability. Yes, solutions may have APIs and other hooks, ports, connectors, or modules designed to enable cross-vendor interoperability, but each integration introduces more work and more fragility. As vendors multiply, monitoring, maintaining, and troubleshooting integrations can quickly overwhelm everything else.

  • Attack surface complexity. Each new solution or integration further complicates your attack surface, adding points of vulnerability to understand, to attend, to secure, and too often, to forget or inadvertently neglect.

  • Operational and forensic complexity. As or after incidents happen, complex multi-vendor, multi-solution environments make it difficult to understand and follow the flow of events or the nature of the attack.

Cost

Though in many cases customers have in part ended up in multi-vendor or multi-solution patchwork environments because of repeated decisions made based on cost, complex, multi-vendor environments are often far more costly in the end.

How many senior specialists can you afford to hire—or train? How does that compare to the number of vendors in your stack?© Ammentorp / Dreamstime
  • Training and personnel costs. As vendors and solutions pile up, so do both training and personnel costs. At the end of the day, skilled labor is needed to configure, maintain, operate, and secure each solution.

  • Interoperability costs. Integration between disparate solutions often incurs costs for API access, purpose-built integration modules or components, bespoke development or configuration work, and other similar needs.

  • Duplication, unneeded options, and other suboptimal spending. When there are multiple vendors and multiple solutions involved, it’s common that nobody fully understands the entire environment or its requirements. Purchase duplication, unneeded options or capabilities, and other suboptimal spending are the result.

  • Competing interests. When there are multiple resellers or distributors involved in supplying solutions, each provider is looking to maximize their own revenue and position—not necessarily to ensure that the customer’s needs are most efficiently met overall.

Poor Operability and Agility

Even under the best of circumstances, highly fragmented environments are difficult to maintain and use, for several reasons.

  • Many panes of glass or many different UIs. Multiple vendors often means many panes of glass, many different device or hardware UIs or workflows, and other instances of workflow fragmentation that forces staff to constantly context-switch through their workday.

  • Resistance to change. Excess complexity often leads to a kind of unintended inertia—because the environment is difficult to maintain, difficult to understand, and involves multiple stakeholders or types of expertise, a resistance to needed environment changes and general lack of agility are often the result. This can in turn mean lapses or gaps in maintenance or security that play into the other problems mentioned above.

Few Suppliers, Limited Vendors, Optimal Solutions

At Plurilock we generally recommend that customers minimize the number of suppliers or solution providers they use, and boil down their solution set to the smallest number of vendors and discrete solutions that make sense for the needs at hand.

In most cases, with fewer vendors and fewer solution providers in your stable, you’ll feel more satisfied with each of them—because they’re more likely to understand your environment and are putting your needs first.© Daniil Peshkov / Dreamstime
  • Fewer suppliers means your needs come first. When a small handful of suppliers or a single supplier serves a customer, the customer’s needs tend to come first—rather than maximize the value of a particular sale or contract, retention and customer satisfaction come first.

  • Limited vendors means solutions work as designed. Rather than trying to mix and match vendors and solutions through integrations and cobbled-together workflows, sticking to a limited number of vendors means systems and workflows that have been designed, optimized, and tested holistically.

  • Limited paperwork means better agility. Reducing the number of providers involved in an environment often means reducing delays and blockers around procurement decisions, paperwork, and signatures.

  • Benefits tend to follow. By limiting the number of suppliers and vendors in an environment rather than “shopping around” for each need or component, the result is often reduced long-term cost, increased effectiveness and productivity, and better security and maintainability.

Trust Plurilock and Plurilock Critical Services

Because Plurilock is a complete solution and service provider carrying, supporting, and engineering product lines from across the entire IT industry, we’re able to help our customers to rethink their environments optimally.

We strive to help them to arrive at minimum number of needed vendors and solutions, with the highest levels of simplicity and operability, and we’re able to act as a single provider of hardware, software, associated professional services, and training.

We encourage others to follow this model. So ask yourself—how many vendors are represented in your environments, and what is this level of complexity costing your organization? ■

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.