EMA: Customers Plan To Use More Managed Security Services
Businesses that have adopted managed security services are poised to boost their spending on those services over the next 12 months. That’s the gist of recent research from Enterprise Management Associates. Here are the details.
EMA reports that four times as many organizations expect to expand their use of managed security services over the next year than those planning to decrease their use. In addition, nearly 60 percent of organizations using SaaS-based security products anticipate growing that aspect of their data protection plan.
In the past, IT security has proven “a very sensitive area” when it comes to outsourcing, noted Scott Crawford, research director, Enterprise Management Associates. Crawford, who discussed the findings in a recent conference call, noted, however, that customer perceptions are changing.
Why? Organizations need to do more with less. That seems like a pat explanation for a lot of things these days, but business managers face a growing list of threats with a limited pool of human resources. Smaller businesses have long been identified as lacking in-house IT security expertise. And larger concerns have resource constraints of their own, according to Crawford.
“It may surprise some to know just how small the security management team is for some of the world’s largest organizations,” Crawford said.
The consulting firm’s research points to improving prospects for managed security services providers and SaaS security vendors. It also runs counter to Ovum research that reported a reduction in security outsourcing.
Ovum’s research, released in May 2010, seems to demonstrate that the traditional reluctance to outsource IT security remains an issue. Crawford said push back to managed security services stems from a couple of issues. The top concern, he said, surrounds data security and privacy — what will providers do with sensitive information?
Another key concern: outsourcing may increase or not reduce security management costs. Crawford said that sticking point translates into customer disappointment with the managed security value proposition. He said an organization may not always understand the total cost of what it seeks to outsource and, therefore, can’t really gauge the impact of offloading IT security chores.
It’s up to the MSP to explain the benefits of IT security outsourcing to customers. Business that have outsourced some security services may be willing to part with more, but service providers need to spell out what the customer stands to gain. Working with the customer to establish baseline costs for in-house IT security is probably a good place to start.
“I think helping prospective customers understand the total cost of their current approach does indeed make for a great baseline that can be used to measure the value of the service – if the service can be depended on to show a win that way,” Crawford said. “Not only would that help the customer better understand the gain, it could also be a great pre-sales tool.”
Crawford said far too many service providers employ a public utility analogy. But MSPs that provide greater insight into the services they provide — rather than just flipping a switch — help customers and, ultimately, themselves.
“Bottom line, I think [service providers] would do themselves a tremendous service by helping customers truly understand the impact as well as the value of the services transition,” Crawford said. “Being more up front about the value can
help foster customer loyalty — if the value is really there.”