Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Stefanini officially launches the office at Chisinau

IT solutions provider Stefanini announced it officially launched its office at Chisinau, in the presence of local representatives such as Sabin Gîrlea, Operations Director for Application Development division

 Read Full article »
Computaris Romania hiring over 30 engineers for Bucharest site

Computaris Romania has achieved its Q1 2017 plans to hire more than 30 software engineers, exceeding 100 people at its Bucharest site.

 Read Full article »
Zitec expands at Brasov and plans to hire 20 IT professionals by the end of this year

Romanian software company Zitec recently announced it has opened an office in the central city of Brasov, where it plans to hire 20 by the end of this year.

 Read Full article »
Ericsson and Skanska trial IoT for Smart Buildings

Skanska, the world leading project development and construction group, has initiated an Internet of Things (IoT) trial with Ericsson for Skanska Commercial Development Nordics.

 Read Full article »
Skanska started the workings at Campus 6, its newest project locally

The official ceremony joined local officials, such as Gabriel Mutu, mayor of bucharest's sixth district, Aurelia Luca, Country Manager Skanska Property România, Katarzyna Zawodna, Business Unit President Skans

 Read Full article »
Deloitte Romania: learning and career development, high up on the business and HR agenda

Driven by the frequent change of the professional competencies required to perform at work, lack of experienced candidates and employee's desire to develop professionally continuously, learning and career devel

 Read Full article »
Softelligence to hire 100 by end-2018

Romanian business software company Softelligence recently announced it plans to hire 100 developers by the end of next year in its software engineering office in Craiova.

 Read Full article »
Cosmin Pătlăgeanu, Marketing Manager, Luxoft România is the new president of ABSL

The Association of Business Service Leaders in Romania (ABSL) announces the naming of Cosmin Pătlăgeanu, Marketing Manager, Luxoft România as the organization's new president.

 Read Full article »
PIN MAP IASI: The first business map of Iasi is launched

After a team effort of over half a hear, the team of The PIN Map project announced it is launching the first map of the offices in Iasi - PIN Map Iasi (www.pinmapiasi.ro), within a press conference hosted by Ia

 Read Full article »
UiPath Automation Academy RPA-certified 500 users in April

One year ago, UiPath offered RPA free for individual users, education projects and small to medium businesses. UiPath Community Edition has been a great success, and their Community Forum now hosts a growing nu

 Read Full article »
 
MOST RECENT VIDEO
 
 
MOST READ ARTICLES
» PIN MAP IASI: The first business map o...
» Softelligence to hire 100 by end-2018
» Cosmin Pătlăgeanu, Marketing Manager...
» A look ahead: How artificial intellige...
» Deloitte Romania: learning and career ...
» UiPath Automation Academy RPA-certifie...
» SoftOne Romania becomes operational hu...
» Romanian Outsourcing Awards for Excell...
» Romanian Outsourcing Awards for Excell...
» Alten opens a delivery center in Iasi
 
EDITOR CHOICE
TELUS International Europe: Three ways travel and hospitality contact centers can localize the customer experience

Flight delays. Booking or check-in problems. Regional, cultural and linguistic differences. The travel and hospitality business can be a perfect storm for contact centers offering both added challenges and uniq

 Read Full article »
Romanian Outsourcing Awards for Excellence 2017 applauds its Winners!

Outsourcing Today, the integrated communication platform of the business services sector and The Diplomat – Bucharest is honored to praise its winners awarded at The Third Edition of Romanian Outsourcing Awar

 Read Full article »
Romanian Outsourcing Awards for Excellence 2017 - Finalists Announcement

Outsourcing Today, the integrated communication platform of the business services sector and The Diplomat – Bucharest, present the Third Edition of Romanian Outsourcing Awards for Excellence, on May 11, 2017

 Read Full article »
TELUS International Europe: Turning a satisfied customer into a loyal customer – Q&A with a hospitality expert

Leonardo Inghilleri literally wrote the book on customer service in the hospitality industry - and an international bestseller at that.

 Read Full article »
Romanian Outsourcing Awards for Excellence designates the industry winners on May 11

Outsourcing Today, the integrated communication platform of the business services sector, presents the Third Edition of the annual Romanian

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events