Outsourcing security: What small businesses need to know - OUTSOURCING-TODAY.RO
Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Ness Digital Development center in Iasi expands activity, creates new jobs

Ness Digital Engineering, one of the leading global providers of IT services, is consolidating the activities of its center based in Palas Iași, adding two major companies in the field of telecom, media & ente

 Read Full article »
BearingPoint expands its Security Advisory Center of Excellence in Romania

Technology consultancy company BearingPoint announced that it is expanding its Security Advisory Center of Excellence (CoE) in Romania.

 Read Full article »
Connections signs partnership with UiPath, aims 5 mln Euro from robots in 2019

Digital transformation company Connections, operating in Romania, Bulgaria and Serbia, has signed a partnership with UiPath, the Enterprise Robotic Process Automation (RPA) platform with the fastest acquisitio

 Read Full article »
Endava marks IPO and first day of trading on New York Stock Exchange

Endava opened for trading on the New York Stock Exchange (NYSE) under the ticker symbol "DAVA" following its initial public offering.

 Read Full article »
Colliers: Co-working changes Romanian office leasing data

The end of the first semester has brought into light great achievements from regional cities in all real estate segments. Bucharest has also performed well and, according to the real estate consultancy company

 Read Full article »
Atos, closer to acquire Syntel

Atos and Syntel have entered into a definitive merger agreement under which Atos will acquire Syntel for cash consideration of c. 3.4 billion US dollars, 41.0 Us dollars per share, representing apx. 14 per cent

 Read Full article »
Turkey's TotalSoft completes acquisition of Romania's Architected Business Solutions

Turkish-owned software company TotalSoft said on Monday it has completed the acquisition and merger of Romanian business management consultancy group Architected Business Solutions (ABS). The deal was announced

 Read Full article »
SAP and Lufthansa launch world's first "Aviation Blockchain Challenge"

The Lufthansa Innovation Hub and the SAP.iO Foundries program in Berlin launched the "Aviation Blockchain Challenge" to draw attention to the potential of blockchain technology in the aviation industry, uncover

 Read Full article »
Endava specialists put 3-month work in Via Transilvanica platform

The Via Transilvanica online platform, a concept initiated by the Tăşuleasa Social Association, was developed pro-bono by an Endava team in three months. A smartphone application, interactivity and tagging fu

 Read Full article »
ABSL Romania: school as abroad – the enrollments begin at the ABSL Master Program

Association of Business Service Leaders in Romania (ABSL) gives the start of enrollments to the Business Services (MBS) Master Program, one of the few in Romania that is designed on the model of successful inte

 Read Full article »
 
 
MOST READ ARTICLES
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» The Outsourcing industry announces its...
» Committed to growth
» Genpact's COO: Staying ahead of the cu...
» PwC: The competitive advantages of Rom...
» Luxoft expands Asia Pacific presence w...
» Olga Botusan, Stefanini: There is a hu...
» Zitec's digital marketing division reg...
» EXCLUSIVE: ABSL Timisoara - BPO and SS...
» How does leadership look today?
 
EDITOR CHOICE
Synergy of skills

There are over 250.000 employees only in the class A and B office buildings in Bucharest and around one million employees spread around the city. How does the office market cope with the need of companies to ac

 Read Full article »
Risk management in industry 4.0. The risks are new, how is the management?

The ink is not yet dry in terms of GDPR's EU compliance regulations and the last few months have been a very useful exercise for everybody, either vendor, producer or consumer to understand that rigid concepts

 Read Full article »
In the search of the best next available resource, human or not

With the work demand expressed for the "traditional" job openings in ITO, HRO, BPO or SSC, the question formulated by the industry stakeholders points to some concerns regarding the future availability of the s

 Read Full article »
Competing in outsourcing: racing of endurance and skills

As Romania's outsourcing sector is currently estimated to employ more than 100,000 people, a constant evolution in the past years (with 15.000 employees registered in 2007), the local market is a popular nearsh

 Read Full article »
How to become people savvy?

The discussions in the panel of this summer's OT Learning and Development's roundtable underlined the necessity of providing the learning and the knowledge transfer when the necessity occurs, customized and app

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events