Symantec United States
global sites
products and services
purchase
support
security response
downloads
about symantec
search
feedback


© 1995-2007 Symantec Corporation.
All rights reserved.
Legal Notices
Privacy Policy
Outsourcing Security

As this summer’s virus attacks vividly demonstrated, companies large and small are struggling to maintain around-the-clock network security. Occurring nearly simultaneously, the Blaster, Welchia, and Sobig.F worms ripped through hundreds of thousands of corporate computers, resulting in untold damages and lost productivity. In such an atmosphere, how can small businesses maximize their IT investments and successfully manage security? They can tackle the job with in-house staff, or they can outsource the task to a managed security services provider, or MSSP.

Handling security in-house
Small businesses are in a unique – and extremely challenging – position when it comes to combating security threats. Lacking the IT staff commonly found in enterprise operations, they must nevertheless protect their network from attack. This normally entails formulating a security policy and implementing firewall, intrusion detection, virus detection, and other security technologies. But even after taking these steps, the challenge remains of how to manage the security effort. Security, after all, is not static, and small businesses – like any other operation -- must be prepared to proactively monitor, maintain, and upgrade their network protection.

According to market researcher Gartner, at most companies, the staff responsible for these security functions is also responsible for other activities and spends most of its time on non-security projects. For resource-constrained small businesses, Gartner added, such added responsibility is often too taxing. Gartner concluded that in-house teams struggle to understand and defend against the latest security threats because this requires constant system monitoring – something that few small businesses can afford. The bottom line: maintaining the necessary vigilance in these days of “zero-day” attacks requires significant investments in staff, IT systems, and training.

Outsourcing the security operation
The alternative is for small businesses to outsource the management and monitoring of their network security to an MSSP. An MSSP can combine advanced technology with expert human analysis, enabling a small business to cost-effectively strengthen its security posture. An MSSP can also provide a level of technology and expertise that ensures rapid response to real threats.

Specifically, a top-flight MSSP employs advanced data mining and security event correlation capabilities to enable it to accurately correlate, analyze, and interpret large volumes of network security data in real time.

In general, an MSSP’s services include timely phone and email access to security monitoring staff and Web access to reports on such things as device status, change requests, and service level performance. Most importantly, by effectively solving security problems, these services enable small businesses to focus on their core, everyday business issues.

So how does a small business go about choosing an MSSP? The following set of criteria should be considered.

  • Longevity. Entrusting your sensitive data to a third party is not a decision to be taken lightly. When you partner with an MSSP, you need to invest time and resources to ensure that the service is addressing your organization’s most critical needs. As a result, you’ll want a partner that has a proven track record of delivering quality security services to a broad range of customers over a long period of time.

  • Annual revenues. What is the prospective MSSP’s financial status? For publicly traded companies, Gartner estimates that annual run rates of more than $10 million per year in managed security services contracts indicate a sufficient base of revenue to support growth and enhancement of services.

  • Breadth of channel partners. This criterion provides an indication of an MSSP’s ability to increase its customer base without having to expand a costly direct sales channel, thus enabling it to direct more funds to research and development. Such partnerships also allow an MSSP to serve customers in different industries, geographic regions, and sectors of the security services and product markets.

  • Management experience. For leading MSSPs, management experience will include backgrounds in military, government, and industrial sectors.

  • Breadth of services. This key consideration indicates an MSSP’s ability to meet the security management needs of a wide variety of companies. According to Gartner, these should include managed firewall, intrusion detection, antivirus, vulnerability assessment, and consulting services.

  • Security management processes. An MSSP should be able to provide documented standards and policies for handling typical and atypical operations and threats. An MSSP should offer a variety of attack alert notification methods to allow customers’ staff the ability to mitigate risk in real time.

  • Vendor neutrality. Make sure the MSSP you select employs security specialists with certified expertise across a broad range of security products from a variety of security providers. This allows you the freedom to select best-of-breed solutions.

  • Auditing. While trust is one of the most important factors in selecting an MSSP, be sure the vendor you select has facilities, processes, and procedures that are validated and certified by a third-party auditor.

  • Reporting. Reports provided by MSSPs should be detailed enough to support decisions to enhance your security efforts and to determine the cost-effectiveness of the managed services. Thorough reports will include information gleaned from the managed devices, recommended responses, any changes the MSSP made to the devices, and information about the latest threats.

  • Security operations centers. You should choose an MSSP that operates multiple security operations centers, or SOCs. Having two or more SOCs allows for cross-monitoring, ensuring constant compliance with security standards. They can also provide backup in times of disaster.

All organizations, not just small businesses, can benefit from the continuous management and monitoring of their security operations. In this regard, an MSSP can help you develop a company-wide security policy that sets appropriate access control rules governing all employees. This is important because it recognizes that many security breaches come from within. (Most MSSP contracts include monitoring of all security-related activities on the internal network.) Before you sign on with an MSSP, make sure all employees are aware of your company’s security policy and what the MSSP is contracted to do.

Conclusion
Managed security services can remove the volatility associated with staffing and responding to unpredictable network threats, allowing you to better manage your day-to-day business requirements, resources, and costs. With an MSSP providing flexible, customized services, that’s a solution that makes practical business sense.


home find a solution library tech resources