Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Mail and Web Security Blog

Have mergers, acquisitions and changes in vendors’ strategies benefited cloud email and web security customers?

Created: 27 May 2013 • Updated: 27 May 2013 • 1 comment
Duncan Mills's picture
0 0 Votes
Login to vote

Part 3 – what you should look for when choosing a cloud security provider.

In the first two parts of this 3-part blog we highlighted the importance of choosing a financially secure and stable organisation; one that you can trust with your data and the protection of your people and information from a constantly changing threat landscape. Here are some of the other important things to look for when choosing your security services provider.

Service level agreements are extremely important. Someone else is processing your emails and web traffic, both of which are business critical, so look for SLAs around all aspects of the service. Read past the headline SLAs to ensure that they are backed by meaningful, financial remedies. The provider should be transparent and publish their performance against the SLAs. This is how you can be sure that they are confident in their own ability to execute.  

It’s all about security so makes sure that your provider understands the threat landscape and how to build protection technologies to combat the ever changing threats. Many just use third party anti-virus engines, which you could do yourself. One of the reasons for choosing cloud security is that it should offer superior protection because of the intelligence available to the provider. Look for SLAs around virus protection.

The provider should have security controls in place and certifications like ISO 27001. Your data is being processed by a third party so make sure you assess their security posture. They should be able to provide documentation outlining what measures they take.

The service must be highly available so that continuity of email and web access is assured.  One of the key benefits of using a service is that you don’t have to purchase your own highly available, redundant infrastructure. Your provider should have a global infrastructure, process your email and web traffic across multiple data centres in different geographies and fail over seamlessly in the event of an outage. Ensure you get a 100% availability SLA.

The service must not introduce excessive latency that delays email receipt or, more importantly, adversely impact users’ surfing experience and productivity. The provider should be managing their infrastructure capacity to ensure minimal latency of email and web traffic. Look for an SLA around latency.

You need to realise a low total cost of ownership so your security services provider must understand how to deliver the service to you in a cost effective manner. Putting enterprise-class appliances into a data centre will not work in the long term. The provider should have built a true multi-tenant infrastructure that cost-effectively scales to meet the needs of all of their customers.

These are some of the more important considerations. For further information and resources to help you choose the right security services provider for your needs see the Symantec email and web security product pages:

Read part 1 of this blog:

Read part 2 of this blog:

Comments 1 CommentJump to latest comment

DDoS Protection's picture

Even large corporation like Box and Skype were caught off guard recently. I believe your security needs grows with your business has you may become a more appealing target to hackers.

I completely agree with your 5th point, the service must not slow down your work. Security should not affect the productivity of your group in any way.

ZEN Network Technologies relies on the most advanced DDoS protection technology available today, and is constantly setting the pace whenever new threats surface.

Login to vote