Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Logicom launched Cloud Marketplace platform in Romania

Logicom, one of the leading distributors of IT solutions and services and Microsoft Cloud Solution provider, announced the launch of Cloud Marketplace platform in Romania.

 Read Full article »
Excelian Luxoft Financial Services strengthens Its APAC presence with the acquisition of derivIT

Luxoft Holding, leading provider of software development services and innovative IT solutions to a global client base, announced that it has entered into a Share Purchase Agreement to acquire derivIT, a Singapo

 Read Full article »
SAP: Only four percent of companies offer customer experience based on contextual data to clients

According to latest findings of business and technology software solutions provider SAP conducted together with CMO Council, only four percent of companies offer real time customer experience based on contextua

 Read Full article »
Manpower: One out of three Romanian companies will hire people in second quarter, 2017

About a third of employers in Romania anticipate an increase of the number of employees in the second quarter of 2017, while only 7 per cent of company representatives foresee a drop of personnel, according to

 Read Full article »
Luxoft depicts top five global trends in software in 2017

According to the latest findings of software and It solutions provider Luxoft, transforming industries and business models within the context of accelerated innovation and strengthened disruptive technologies p

 Read Full article »
Oracle surpasses 9 billion US dollars worth revenues globally

Oracle Corporation announced fiscal 2017 Q3 results with total revenues up to 9.2 billion US dollars, a 2 per cent increase in US dollars and up 3 per cent increase in constant currency, the financial report st

 Read Full article »
Accenture Research: Three critical accelerators to closing the gender pay gap for class of 2020

Women graduating from university in developed markets in 2020 could be the first generation to close the gender pay gap in their professional lifetimes, according to new research from Accenture

 Read Full article »
CA Technologies positioned a leader for identity governance and administration

CA Technologies (NASDAQ:CA) has been positioned by Gartner, Inc., in the Leaders quadrant of the 2017 Gartner Magic Quadrant for Identity Governance and Administration (IGA).

 Read Full article »
SAP and Google announce co-innovation strategic partnership for global enterprises

During the Google Cloud Next '17 conference in San Francisco, the two companies announced the signing of a strategic co-innovation partnership between our two companies to help global enterprises run their busi

 Read Full article »
Voxpro opens office in Bucharest and hires 150 people

Multilingual business process outsourcing services provider Voxpro based in Cork, Ireland announced it would expand operations with a new office located in Bucharest where it plans to hire 150 people.

 Read Full article »
 
MOST RECENT VIDEO
 
 
MOST READ ARTICLES
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Luxoft surged 40 per cent in 2015 – ...
» Exclusive OT print issue: Genpact may ...
» Manpower:Romania has world's third hig...
» SocGen's EBS division to grow 60%, exp...
» Bombardier: from Bucharest subway to t...
» People in Shared Services and Outsourc...
» Omnichannel: 4 pillars of a purposeful...
» Companies such as Endava and Fortech d...
» DB Global Technology: 40 per cent of t...
 
EDITOR CHOICE
TELUS International Europe: More proactive, personalized customer experience, thanks to the Internet of Things (IoT)

Industry research is apt to say we're on the cusp of a future full of "smart" devices — that is, billions of everyday items embedded with wireless internet connectivity

 Read Full article »
Romanian Outsourcing Summit: Focus on the added-value of business shared services in Romania

This year's edition of Romanian Outsourcing Summit joined representatives of the government and top representatives of leading companies operating in the sector of business shared services and related industrie

 Read Full article »
Romanian Outsourcing Summit reaches its third edition

OUTSOURCING TODAY, the integrated communication platform of the business services sector, powered by The Diplomat Bucharest, presents the Third Edition of the ROMANIAN OUTSOURCING SUMMIT on March 23rd 2017, at

 Read Full article »
The most critical Key Performance Indicator (KPI) in social media customer service

Measuring the impact that your social media interactions are having on your business — and your bottom line — can be a tricky endeavor. How can you really identify and quantify whether a particular social m

 Read Full article »
SAP employees to teach programming to scholars in Cluj-Napoca

Ten volunteers working for SAP company together with Cartea Daliei association will organize a Scratch programming teaching club to function at Emil Isac school based in Cluj-Napoca, the company announced.

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events