Why Use a Managed Security Service?
Over the past few years, the number of data breaches reported has grown substantially. Your CEO has been paying attention and – suddenly – your IT department has a budget for security and compliance for 2017.
You remember taking a course on cybersecurity in 2003, but other than that, you’re not sure you have the chops to take on a full security management program.
You remember a friend at another company mentioned that they use a Managed Security Service Provider (MSSP) for their compliance initiatives.
MSSPs provide security management services to customers of all sizes (similar to your MSP).
But before you run off and find a new service provider, ask yourself the following questions.
What is your driver for considering an MSSP?
When you start looking for an MSSP, you need to be clear about what you want from the engagement.
Are you looking to achieve PCI compliance? Or do you just want to make sure that your network/environment is protected?
Different MSSPs provide different services.
If it’s compliance you’re after, you’ll want to look for MSSPs with a QSA (Qualified Security Assessor) on staff.
If it’s threat detection and security management, it’s important to understand the abilities and limitations of their security analysts.
Do you already have some security tools in place?
Hopefully you’re already covering the basics and have a firewall and antivirus in place. (If not, stop what you’re doing and go buy those now!!)
But beyond those tools, what else are you doing in terms of security?
Do you have a vulnerability scanner? Are you monitoring for network intrusions?
If you already have those in place, who is managing those tools?
Do you need an MSSP to take that over or are you looking to do something beyond what you currently have in place?
Each MSSP has its specialty, but many of them are willing to work with you to define a package that will work best for your business.
How much budget do you have available?
Every MSSP has a plethora of services that it provides with different levels of engagement.
Understand what budget you have available for the year and what types of offerings they provide.
In many cases, a basic package would consist of security monitoring, managed firewall, etc.
But if you also need someone to investigate and respond to an incident, that will cost extra.
Do you have someone on your own staff with the skills needed to fill the gaps in your MSSP service?
What areas of security are you comfortable with managing and where do you need help?
Similar to the question about budget, you need to evaluate what skills you have on your own team and how much time those employees have to dedicate to your security goals.
If your IT team has someone who has experience in security and the time to monitor the security tools you have in place, then you may only need an MSSP to fill the gap of responding to an alert.
What does your network architecture look like? What type of environment do you need help monitoring?
Is most of your environment in the cloud? Is it on-prem or in a data center?
Depending on what you want to monitor (maybe you only care about your HQ in Dallas or your PCI environment), you’ll need to look for MSSPs who can provide those services.
If you’re already using an MSP service to host some of your critical servers, you may be able to ask them if they provide additional security services.
At the end of the day, the pros and cons of hiring an MSSP are completely dependent on the needs of your business and the resources you have available.
There’s still no silver bullet for managing security.
If you believe a managed service is the right option for you, the best course of action is to consult your peers about what is (and isn’t) working for them before beginning the procurement process.
It will always be difficult to assess security tools in a vacuum, but by speaking to experts with firsthand experience using specific solutions, narrowing down the list of products and features that are essential for your business becomes a much more manageable endeavor.
Lauren Barraco is product manager at AlienVault.