Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Smartree: Software development field interests Romanians living abroad

Romanians abroad wishing to return to the country could be attracted by the IT domain, and more precisely the software development branch, according to a study conducted by Smartree.

 Read Full article »
Norwegian software developer leases 4.200 sqm in Iulius' Unites Business Center 3

Iulius Company and Visma Software, a Norwegian developer of business management software solutions, have signed a lease agreement for office premises within the United Business Center 3 (UBC 3) office building

 Read Full article »
Oracle hires 1000 sales representatives to boost cloud services in EMEA

Oracle announced 1000 new jobs in Europe, Middle East and Africa. Under the Change Happens Here banner, the company is hunting for the next generation of ambitious, driven, digitally savvy Sales Representative

 Read Full article »
Academy Plus programming school opens at Bucharest with 120 available places

ACADEMY+PLUS, the free of charge programming school launched three years ago at Cluj in partnership with École 42 in Paris, opens also at Bucharest with 120 available places to those who want to learn programm

 Read Full article »
AI to drive GDP gains of 15.7 trillion dollars with productivity, personalisation improvements

Global GDP will be 14% higher in 2030 as a result of AI – the equivalent of an additional 15.7 trillion US dollars, a recent research report of PwC states. This makes it the biggest commercial opportunity in

 Read Full article »
TotalSoft appoints Adina Gurgu as Chief Technology Officer

TotalSoft, one of the leading ERP and financial solutions providers internationally, announces the appointment of Adina Gurgu as Chief Technology Officer (CTO), who will be starting August responsible with spea

 Read Full article »
Czech ALEF Group acquires local company and enters Romanian market

Czech IT systems and equipment supplier ALEF Group announced it had acquired Romanian peer company Likeit Solution for an undisclosed sum.

 Read Full article »
3Pillar Global expands with third development center in Romania

US-based IT services provider 3Pillar Global will open the third development center in Romania this August, in Iasi, to be locatedin Moldova Business Center.

 Read Full article »
DB Global Technology reaches 800 people, 150 people joined this year

B Global Technology, Deutsche Bank's technology center in Bucharest, has reached the 800 staff milestone, with over 150 people joining the team in 2017.

 Read Full article »
Regional operations centers give Romania's real estate market a boost

With a 4.8 per cent GDP growth in 2016 and the highest estimated growth rate in 2017 among EU member states, Romania has become an increasingly attractive destination for regional operations centers.

 Read Full article »
 
MOST RECENT VIDEO
 
 
MOST READ ARTICLES
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» EY: Work-life balance has become more ...
» Stefanini officially launches the offi...
» Exclusive OT print issue: Genpact may ...
» Bombardier: from Bucharest subway to t...
» Welcome onboard!
» Romania ranks second in Deloitte's CE ...
» Endava and Worldpay to create a center...
» GM to open a call center at Bucharest
» Manpower:Romania has world's third hig...
 
EDITOR CHOICE
EY: Work-life balance has become more difficult to be managed by one third of full-time employees in 8 large countries

EY's global survey of full-time workers in eight countries finds that one-third say managing work-life has become more difficult, with younger generations and parents hit hardest.

 Read Full article »
Welcome onboard!

By 2020, some 200.000 people are expected to work in business shared services in Romania, doubling the current employment portfolio enrolled in more than 120 companies operating BPO, SSC or ITO services. Howeve

 Read Full article »
Thierry Blain, SG EBS: Bringing teams to the next level

The journey of Societe Generale European Business Services began with the need for a strategic location to sustain and transform European operations of Societe Generale Group. The purpose was, from the early da

 Read Full article »
TELUS International Europe: Issue 3 - Customers First magazine! Strategy and innovation in travel and hospitality

The third issue of our Customers First magazine is now available! The latest edition is all about travel and hospitality, featuring insights from industry experts and top brands like JetBlue, Turo, Joie de Vivr

 Read Full article »
The future is now - Review of Romanian Outsourcing Summit, 2017

Romania delivers services in 25 languages with more than 100,000 specialists employed in the outsourcing industry and business services, and based on an estimated growth of 15-20 per cent, it is estimated to re

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events