Successful cybersecurity programs are made up of three parts: people, process, and technology. Most organizations invest a great deal of resources to make sure they have the right people. Those people in turn create processes to accomplish the organization’s mission. The technology and tools that support the processes, and in turn the people, become more complex over time. Tools in particular have enabled businesses and teams to rapidly solve complex business problems but an overlooked side effect often troubles us all – rationalizing an ever-expanding suite of products. Thankfully, the answer to stemming the tide of products comes in the form of a tool’s rationalization. A tools rationalization assesses five key metrics—deployment, operationalization, maturity, gap analysis, and feature overlaps.

  • Deployed – The rationalization should assess how deployed tools are in the environment. Many organizations struggled to identify if the tools they own are actually deployed to all the endpoints in the enterprise. The tools rationalization helps to answer questions like: How deployed are the tools? What percentage of endpoints have an agent or are supported agelessly and when did they last check in with the management server?
  • Operationalized – Misconfigurations top the list of breach causing incidents. Tools are typically deployed with minimal configuration as initial professional services are focused on installation with minimal configuration. Are you getting what you paid for? Statistically, you are ONLY getting what you paid for.
  • Mature – Software manufacturers vary when it comes to the maturity of products when compared to peers in the industry. Often, product is installed to satisfy a single use case or a combination of use cases. Studies show that use cases change over time and more capabilities are added to software platforms. It is important to assess existing tools to identify if they are doing what they are supposed to be doing as well as understanding if new capabilities have been added over time.
  • Gap Analysis – Organizations can own multiple tools and still have gaps in coverage, especially when it comes to cybersecurity solutions. The MITRE ATT&CK framework is a great metric that helps identify if there is a gap in a cybersecurity program and should be used in any tool’s rationalization.
  • Feature Overlaps – With an ever-expanding list of tools, it becomes more likely that an organization has multiple tools that can accomplish the same task. Larger organizations are notorious for buying technology to satisfy specific use cases. The problem with this approach is they end up having several tools that do the same thing and were purchased to address specific problems.

A tools rationalization validates the approach an organization is taking by making sure that the technology they own is providing the right support to people and processes. Overwhelmingly, leadership wants to know—are the tools that they have invested in still needed, used, and doing what they are supposed to be doing? A tools rationalization is especially valuable in a climate where budgets are shrinking, OPEX is tight, and CAPEX requires ironclad business justification.

Request to discuss your Cybersecurity and Business Continuity needs today.

If your organization is looking for guidance in ensuring cybersecurity and business continuity, as well as the productivity, wellness and safety of your employees as the situation around COVID-19 continues to evolve, please fill out the form and one of our team members will respond immediately to your request.



Creating a strategy for managing risk and compliance while helping to filter the myriad of cybersecurity technologies

Modern Infrastructure

Empowering your enterprise to its greatest potential through an efficient and secure IT infrastructure

Digital Workplace

Enhancing enterprises with Application and Desktop Virtualization, Device Management, Identity and Security Compliance, and Communications and Collaboration.

Cloud Enablement

Accelerating IT service delivery through the adoption of agile methodologies using systems-oriented approach

Microsoft Expertise

Helping set goals and establishing benchmarks with the successful deployment of Microsoft solutions

Enterprise Managed Services

Best IT practices with design, configuration, implementation, licensing and environmental services

Markets and Market Support Vehicles


Professional services and renowned expertise aligned with the trends and challenges facing a variety of industries


Addressing IT challenges faced by healthcare organizations through trusted services, solutions and relationships

Public Sector

Helping organizations manage costs and high availability while increasing security, compliance and efficiency

Group Purchasing

Industry-leading IT consulting services and technology solutions through a streamlined contracting process

Resource Library


e360 in-person and online events

Solutions Literature

Access content on e360 services


Read about trending technology

Press Releases

Get official updates about e360

News Stories

Read about industry and e360 news


e360 webinar and podcast content

About e360

Who We Are

Our mission, vision, leadership and team


e360 awards and recognition


e360's commitment to privacy


e360's commitment to privacy


e360 career opportunities

Connect With e360

e360 locations and contact resources