Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Saxo Bank analysis: Romania, the ideal place for a fintech revolution

Fintech will produce a revolution and is leaving the door open to real challenges, but also with opportunities for those who embrace it, Laurentiu Nedelcu, CEE manager at Saxo Bank said in a recent analysis.

 Read Full article »
Bitdefender signs accord with American router producer Netgear

The software producer Bitdefender signed a technology licence partnership with the American equipment producer for Netgear networks, which will include in its products security solutions for smart devices, deve

 Read Full article »
Laurentiu Lazar, promoted as Managing Partner at Colliers International Romania

Laurentiu Lazar, Senior Partner, Investment and Valuation Services, will take over as the new Managing Partner of the real estate consultancy company Colliers International Romania, effective as of March

 Read Full article »
Upcoming event brings Retrospective in Labor Legislation on February 15th, at Bucharest

Outsourcing Today, together with Fine Law, organize The 2017's Retrospective in Labor Legislation event on February 15, 2018 at Caro Hotel Bucharest, a knowledge sharing event dedicated to the latest significan

 Read Full article »
A.T. Kearney: The widening impact of automation impact the business model of outsourcing

According to a recent article of A.T. Kearney and based on the findings of Global Services Location Index for 2017, the developing nations have long enjoyed the economic benefits of other countries' offshoring.

 Read Full article »
Freelancing – a solution to staff shortages for companies

According to Smartree Romania, a leading provider in Romania of outsourcing payroll services and personnel administration, freelancing has become more present among Romanians lately. Working with freelancers ca

 Read Full article »
Kaspersky Lab: Targeted attacks on radar for industrial organisations

Of the industrial companies that participated in the IT Security Risks Survey , every fourth has faced a variety of cyberattacks. Worryingly, one of the fastest growing types of threat among the multitude targe

 Read Full article »
E-commerce: Romanian companies sell online on their own, above EU average

A share of 16 percent of all enterprises located in the EU and employing at least 10 people received orders via a website or apps (web sales) in 2016, Eurostat reveals. At the same time, more than 8 in 10 enter

 Read Full article »
FAB LAB Iasi nominated at CEE Shared Services and Outsourcing Awards in Warsaw

Iasi city, in Eastern Romania, together with Conduent company and FAB LAB IASI project have been nominated at CEE Shared Services and Outsourcing Awards, to take place at Warsaw at the Hotel Intercontinental o

 Read Full article »
Endava and Velocity Partners announce merger to become truly global IT player

The merger between Velocity Partners, an innovative software development company with a strong presence in Latin America, and Endava, a global technology company with a sustained consistent growth and offices a

 Read Full article »
 
 
MOST READ ARTICLES
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Romanian Outsourcing Awards for Excell...
» Molson Coors started to grow its busin...
» Romania's IT industry could grow at an...
» TELUS International: How customer serv...
» Capgemini to open new office at Suceav...
» ABB opens the first robotics training ...
» Comdata to buy four subsidiaries of Fr...
» Committed to growth
» Four companies represent Romania in De...
 
EDITOR CHOICE
TELUS International: Chatbots - The pros and cons of automated customer service

Learn what key factors to consider before introducing chatbots to your customer service strategy

 Read Full article »
Why AFI Tech Park is the best value for money office project in Bucharest(P)

Based on the insight that location is a strong criteria employees take into consideration when choosing their workplace, AFI Europe Romania is currently developing AFI Tech Park, the newest office destination i

 Read Full article »
Shifting the workplace perspective towards high-end added value

This month, OUTSOURCING TODAY organized The Workplace of the future in IT and Outsourcing at Caro Hotel Bucharest, a new concept event meant to connect fast-growing corporate tenants from IT and outsourcing ind

 Read Full article »
Andrei Romanescu, Managing Director of Veeam Romania: Outsourcing sector, a decade evolution

Since the early 2000s, this sector has grown at a significant rate (about 20-30% per year). The industry has evolved from focusing on cost and labour arbitrage to adding value – therefore the growth is not so

 Read Full article »
TELUS International Europe: Discover how successful smart-home providers deliver exceptional customer service

Key Takeaways

• Internet of Things (IoT) connected home devices are making the contact center and customer service more important than ever. • A friendly approach and positive attitude are import

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events