Selecting a Managed Security Services Provider
Look for a provider that can deliver an end-to-end view across the network.
Not long ago
- By Rob Aragao
- May 01, 2007
, an IT security professional's worst nightmare was that some bored 16-year-old might try to break into the company's systems. Today, the world is significantly more complicated, thanks to both the rise of hacking for profit and the increase in complex regulatory mandates that further stress IT infrastructures.
Every IT organization faces the challenge of how to best implement a security program that protects critical information assets from potentially devastating breaches while delivering the tools that business units need to address risk- and compliance-management requirements. Many companies are turning to managed security services providers (MSSPs) to help them strike the right balance in managing IT risk. Following are three important criteria to consider when evaluating an MSSP:
1. Broad technical knowledge and ability to collaborate.
It's no longer enough to just protect the perimeter. Mitigating IT risk requires that an MSSP have high-level technical expertise. A few years ago, a network outage typically indicated that there was probably something physically wrong with the network. Today, such outages can be caused by viruses, worms or other security problems, as well as possible hardware failures. So it's critical that your MSSP be able to quickly diagnose both traditional IT issues and security problems. Also, developing an effective risk-management program requires the MSSP to work closely with your internal IT organization, so it's best to choose a provider committed to such collaboration.
2. Business understanding and ability to develop anti-threat procedures.
As potential threats increase, your infrastructure's security strategy must evolve as well. Your MSSP should understand your business requirements and adequately monitor, analyze and respond to all security-related incidents and still ensure compliance with service level agreements. In addition, as new requirements evolve in the face of competition and government regulations, your MSSP must be able to expand beyond traditional IT security issues to meet the business' areas of concern. An effective IT risk-management program can minimize financial risk by taking proactive action to:
- Maximize operational integrity (by reducing potential IT inefficiencies such as unavailable or poorly performing systems).
- Ensure regulatory compliance (by implementing IT programs that comply with numerous government and industry mandates).
- Preserve brand integrity (by showing that sensitive or confidential IT assets are protected from security breaches).
- Support legal action (by retaining IT security data and being able to provide audits on demand).
3. Ability to combine, correlate and analyze IT data.
In today's fast-changing environment, it's imperative that you have a useful, holistic picture of IT-related business risk. So look for an MSSP that can leverage all the data at its disposal rather than just cobbling together point solutions that only solve part of the problem.
Progressive MSSPs typically use consolidated data models that provide a wealth of critical information, including system-configuration and asset-state snapshots and performance, vulnerability and threat data. Ultimately, your MSSP should be able to unify and correlate data from disparate IT silos across the application, network and server layers to present a single end-to-end view of your risk-, security- and compliance-management status. That view will, in turn, help you improve efficiency, reduce downtime, cut total cost of ownership and increase accountability, among other benefits.
Rob Aragao is director of systems engineering and services for eIQNetworks Inc. (www.eiqnetworks.com), an Acton, Mass.-based provider of security information management solutions.