Do You Need an MSSP?
During the past few years, the number of data breaches reported has grown substantially. Your CEO has been paying attention and, suddenly, your IT department has a budget for security and compliance.
You remember taking a course on cybersecurity in 2003, but, other than that, you’re not sure you have the chops to take on a full security management program.
You remember a friend at another company mentioned that they use a Managed Security Service Provider (MSSP) for their compliance initiatives. MSSPs provide security management services to customers of all sizes (similar to your MSP). But before you run off and find a new service provider, ask yourself the following questions.
What is your driver for considering an MSSP?
When you start looking for an MSSP, you need to be clear about what you want from the engagement.
Are you looking to achieve PCI compliance? Or do you just want to make sure that your network/environment is protected?
Different MSSPs provide different services. For example, if it’s compliance you’re after, you’ll want to look for MSSPs with a QSA (Qualified Security Assessor) on staff; if it’s threat detection and security management, it’s important to understand the abilities and limitations of the MSSP’s security analysts.
Do you already have some security tools in place?
Hopefully, you’re already covering the basics and have a firewall and antivirus in place. (If not, stop what you’re doing and go buy these products now!) But beyond those tools, what else are you doing in terms of security?
Do you have a vulnerability scanner? Are you monitoring for network intrusions? If you already have these in place, who is managing the tools? Do you need an MSSP to take that over, or are you looking to do something beyond what you currently have in place?
Each MSSP has its specialty, but many of them are willing to work with you to define a package that will work best for your business.
How much budget do you have available?
Every MSSP has a plethora of services that it provides, with different levels of engagement.
Understand what budget you have available for the year and what types of offerings an MSSP provides. In many cases, a basic package consists of security monitoring, managed firewall, etc. But if you also need someone to investigate and respond to an incident, that will cost extra.
Do you have someone on your own staff with the skills needed to fill the gaps in your MSSP service?
What areas of security are you comfortable with managing, and where do you need help?
Similar to the question about budget, you need to evaluate the skills you have on your own team and how much time those employees have to dedicate to your security goals.
If your IT team has someone with experience in security who has the time to monitor the security tools you have in place, then you may need an MSSP only to fill the gap of responding to an alert.
What does your network architecture look like? What type of environment do you need help monitoring?
Is most of your environment in the cloud? Is it on-prem or in a data center?
Depending on what you want to monitor (maybe you only care about your HQ in Dallas, for example, or your PCI environment), you’ll need to look for MSSPs that can provide those services. If you’re already using an MSP to host some of your critical servers, it may be worth checking to see if they provide additional security services.
At the end of the day, the pros and cons of hiring an MSSP are completely dependent on the needs of your business and the resources you have available. But there’s still no silver bullet for managing security. If you believe a managed service is the right option for you, the best course of action is to consult your peers about what is (and isn’t) working for them before beginning the procurement process.
It will always be difficult to assess security tools in a vacuum, but by speaking to experts with firsthand experience using specific solutions, narrowing down the list of products and features that are essential for your business becomes a much more manageable endeavor.
Lauren Barraco is product manager at AlienVault.
This guest blog is part of a Channel Futures sponsorship.