 | |||||||||
| |||||||||
 | |||||||||
Rediscovering the Value of Managed Security Services
Monitoring and analyzing company data can yield revealing results
March 2008
With all the hype surrounding the ongoing emergence and popularity of managed services providers, it is sometimes forgotten that one of the most long-established areas of managed services has been serving the information technology (IT) space for the better part of the last decade. In fact, managed security services (MSS) providers have been helping companies analyze and realize the value of their information and network security investments while minimizing their security risks for much longer than many may realize, and they have played an important ongoing role in recognizing security trends and establishing best practices across the various industries.
“What’s interesting about the ‘managed services’ label, especially given that it has increased in visibility and viability over the past couple years, is that it has become an umbrella term to describe so many things for so many people,” said Patrick Kerry, managed security services manager for Cupertino, Calif.-based Symantec Corp. “Where it was once driven out of telecom companies, systems integrators, and specialist providers, now there is also growing interest in extending such services to small- and medium-sized businesses. Value-added resellers are getting more involved, and the concept is even associated with practices like software as a service or on-demand services. While the overall managed service provider market is gaining new entrants on almost a daily basis, the managed security services provider market is well established and differentiation—and ultimately customer decisions—is determined by elements such as a provider’s proven track record, breadth of services, depth of security expertise, and third-party validation.”
MSSs are designed to provide a systematic approach to managing a client’s security needs, with services conducted either in-house or possibly outsourced to a third party that has expertise in overseeing network and information system security. An MSS provider can offer 24-7 system monitoring and management of firewalls and intrusion detection solutions, as well as overseeing general patch management and upgrades and conducting regular security assessments and audits.
MSS providers have many products at their disposal—custom- and vendor-supplied—for organizing and guiding security procedures. For many companies, MSS providers are an appealing alternative to performing security monitoring and analysis in-house, which can be both time-consuming and costly. An established MSS provider can bring the promise of experience and expertise to a vitally important area of IT management and administration, an area that is only becoming more important as government- and industry-ordained regulatory compliance initiatives continue to emerge.
“At the core of our service, we import our clients’ security log data—from firewalls, intrusion detection systems, and down to the host level—then compare that against our pool of global intelligence, and escalate confirmed security threats to our customers,” said Kerry. “By leveraging the world’s largest collection of global threat intelligence and highly skilled threat analysts, our MSS clients can stay focused on their core business while we protect their critical IT assets. MSS services also help control costs, reduce complexity, and help satisfy regulatory and compliance initiatives.”
While MSS providers are most adept at monitoring and analyzing client security on an individual, customized basis, they have also been able to formulate a working list of some of the most common security shortcomings that companies often neglect. They also track against known and zero-day vulnerabilities to identify any malicious activity that looks as though it is intended to take advantage of those vulnerabilities. In turn, they can alert their clients and instruct them on the necessary steps so as to best protect themselves.
“While no security solution is impregnable, there certainly are a common set of best practices that should be followed,” said Kerry. “For example, home users need operating systems and application software updated with the latest patches, firewall and IDS systems should be deployed, e-mails with attachments from unknown senders should not be opened, do not follow blind links, and always exercise common sense and caution while online. Enterprises should implement a defense-in-depth strategy that includes multilayered security strategies and an awareness training program that is mandatory for all employees.”
With managed services providers growing in popularity as companies
look to downsize and simplify their IT infrastructures, and with
an increasing need for knowledgeable IT professionals who can
traverse the tricky dual landscape of regulatory compliance and
security risk mitigation, managed security service providers
will continue to be a necessary and valuable component to the
rapidly evolving and adapting IT marketplace.
Email
Print
Mobile