Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Cushman & Wakefield Echinox: StreamWIDE joins the new IT hub created in the Timpuri Noi Square project

StreamWIDE, a company specialized in the software and telecommunications industry, realocates its office in Bucharest in the Timpuri Noi Square project, joining the new IT hub created in the business park devel

 Read Full article »
CBRE: Office deliveries expected to bring new stock of 635.00 sqm, Bucharest to reach 3.9 mln sqm modern office spaces

During 2020–2021 to approx. 635,000 sqm of modern office space are expected to be delivered on market, increasing the Bucharest modern stock at approx. 3.9 million sq m, a step closer to a new a threshold and

 Read Full article »
Uber opens at Bucharest the largest support center to drivers and business partners in CEE

Uber company launched this week in Bucharest the largest center in Central and Eastern Europe that offers assistance to drivers and business partners in Romania, a center where they can contact directly Uber re

 Read Full article »
Samsung and Orange Romania activated the 5G VR Live streaming at Untold Music Festival in Romania

Samsung Electronics and Orange Romania have successfully deployed a 5G New Radio (NR) network to demonstrate a series of 5G use cases at Untold Festival 2019, the largest annual dance music festival in Romania,

 Read Full article »
MVP Lab in Sibiu named as one of Europe's best in the "Ones to Watch" list at European Business Awards

Ropardo MVP Lab has been named as ‘One to Watch' in Europe in a list of business excellence published by the European Business Awards, one of world's largest and longest running business competitions.

 Read Full article »
Endava marks one year since IPO

Endava, one of the most important software companies, present on the local market with 7 delivery centers, reaches an almost double capitalization, 2.07 billion USD, on July 26, 2019, one year after listing. Th

 Read Full article »
Infosys opens cyber defence centre in Bucharest

Infosys, a global leader in next-generation digital services and consulting, announced the launch of its Cyber Defence Centre in Bucharest, Romania. The Defence Centre is an expansion of services delivered thro

 Read Full article »
QuEST Global completes integration of IT Six Global Services

QuEST Global, a global product engineering and lifecycle services company, has successfully completed the integration of IT Six Global Services SRL. QuEST Global acquired IT Six, a software engineering services

 Read Full article »
RE MAX Romania opens three more offices

RE/MAX Romania has expanded its network, adding three new offices – RE/MAX Partners in Cluj, RE/MAX Quality in Sibiu and RE/MAX Prestige in Targu Mures.

 Read Full article »
Microsoft and OpenAI form exclusive computing partnership to build new Azure AI supercomputing technologies

Microsoft Corp. and OpenAI have partnered to further extend Microsoft Azure's capabilities in large-scale AI systems, according to a release of Microsoft.

 Read Full article »
 
 
 
MOST READ ARTICLES
» The Outsourcing industry announces its...
» Meet the winners of ROMANIAN BUSINESS ...
» Capgemini to open new office at Suceav...
» Genpact's COO: Staying ahead of the cu...
» Deloitte: Four in ten Romanian millenn...
» Elena Calin, CEO UP! Your Service Roma...
» The Diplomat-Bucharest launched Outsou...
» GRS has one of the fastest growths and
» TELUS International Europe: How fast-g...
» People Empowering Business Forum 2019 ...
 
EDITOR CHOICE
Workplace of the Future conference to take place on November 20th at Bucharest

The Diplomat-Bucharest together with Outsourcing Today organize the 3rd Edition of WORKPLACE OF THE FUTURE, on 20th of November 2019, in Bucharest, at Capital Plaza Hotel.

 Read Full article »
Strategic Talent Acquisition at People Empowering Business Forum on October 30 in Bucharest

Latest trends like demographic upheaval, globalization, digital technology, and changing social values and worker expectations, are disrupting business models and radically changing the workplace. These are req

 Read Full article »
Informal IT School and UiPath launch an educational program for RPA development to start in October

Informal IT School announced a partnership with UiPath to launch an RPA development educational program of five months, 100 hours of courses, five days a week. The program will run in Cluj-Napoca.

 Read Full article »
Impact Hub Bucharest joins 3house to manage three coworking spaces in the city

Impact Hub Bucharest, a coworking spaces manager and developer of accelerator programs and events merged with 3house, a new concept of workplace launched in 2018. By this, Impact Hub reaches 3 locations and 6.7

 Read Full article »
JLL: Total office space in Bucharest to reach 3 million sqm

The second quarter of 2019 reconfirmed the increased interest for the office market in Romania. Over 115,000 square meters of office space were leased over this period at the national level, a value similar wit

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events