Latest News  

Outsourcing security: What small businesses need to know

Forecasters predict that the booming managed security service provider (MSSP) industry will grow from $8 billion in 2015 to $30 billion by 2020.

2015-11-09 16:50:07

One question that small businesses often grapple with, especially in the early days of their development, is whether or not to outsource at least some aspect of their security, writes Ryan Berg in smallbusinesscomputing.com.

There are many instances when outsourcing computer, data, and network security makes sense:
• You may lack the appropriate in-house skills and resources
• You may not be in a position to make a full-time hire, let alone multiple hires
• You can't find the right person to fill a full-time role (Forbes expects our current cybersecurity workforce shortage to reach 1.5 million unfilled positions by 2019).
So does outside security help make sense for you? Possibly. But before you even think about outsourcing, you need to develop your own clear idea of what it is you actually need help with in the first place.

Outsourcing Cybersecurity 101

The simple truth is that you're not ready to outsource your small business security if any of these three points apply to your company.
• You can't clearly articulate your problem or goal
• You don't know where your assets reside or what data or systems you're trying to secure
• You don't have someone on board to actively own and manage the outsourced relationship

Small business owners must carefully avoid giving managed-security service providers the impression that they don't know what they need. The reality is many security vendors will see nothing but dollar signs; they may guide you to toward solutions that are easiest for them to implement instead of the solutions that best fit your needs.

Think of it this way: if you go to a brake shop because you think your car has a brake problem, you're more than likely going to cough up the cash for new brakes. Meanwhile, you may actually have a bigger issue with the car that remains unaddressed. Your shiny new brakes may work like a charm, but you can still get into an accident if the steering's off. And if you go back to the brake shop angry, they'll simply shrug and say of course they didn't protect you for that.

Advanced thought and planning is the best approach to outsourcing small business security. The worst thing you can say to a managed security service provider is, "I don't know where to start.

Outsourcing small business security works well only when you achieve these states:
• You have a clearly-defined problem to solve or goal to achieve.
• You find a vendor you work well with and can trust to deliver on your specific needs

There's no lack of outsourced security vendors from which to choose. But if you have a specific security goal that lends itself to outsourcing, you can whittle down the list to providers that specialize in that area. Then discuss these 10 essential topics with the managed-security service providers on your short list before you sign an agreement.

What to Ask Prospective Managed Security Service Providers

• Find out whether they've worked with small companies that are similar to yours in size, stage, and industry
• Get references
• Review their standards, policies, and procedures carefully
• Make sure all requirements and responsibilities will be documented in service level agreements (SLA) and/or statements of work
• Determine who on their side will manage your account and discuss your expected level of interaction (you don't want to enter a partnership expecting access to the Principal only to find out later that's not the case)
• Ask about reporting (what metrics do they measure, and how often do they report)
• Go over the game plan for incident response and recovery
• Ask about systems compatibility
• Make sure they can scale their protection as your company grows
• Have an exit strategy should the time come when you want to stop using their services

Small Business Security Caution

Remember, no one outside of your business values your business as much as you do. When you outsource aspects of your company's security you place your safety and success in their hands. You may pay for a level of professionalism, but when it comes down to it, an MSSP will act with its best interests in mind. Outsourcing isn't something you jump into quickly. Success requires a considerable amount of planning, discussion, and trust-building.

Ryan Berg is chief scientist at Barkly. A speaker, instructor, and author in the fields of security, risk management, and secure application development, Berg holds multiple patents. Prior to joining Barkly, he was chief security officer at Sonatype and chief scientist and cofounder of Ounce Labs.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Recruitment, retention and professional development of employees in the context of major changes in outsourcing

The Business Service Leaders Association (ABSL) organizes on May 24, 2018, at Ramada Hotel in Iasi, the conference "How HR Practices evolve in a period of major changes in outsourcing Industry". The third editi

 Read Full article »
Comdata acquires CCA International, deal should be finalized in June

After the acquisition, mid-2017, and the successful integration of B2S (now Comdata France), the Comdata group signed, yesterday, an agreement on the acquisition of CCA International, the company says.

 Read Full article »
ABSL Romania is offering 30 scholarships every year for postgraduate studies

Business Service Leaders Association Romania (ABSL) annually offers 30 scholarships in the Business Services Master program for young people wishing to pursue a career in the outsourcing industry. As a result o

 Read Full article »
Portland Trust and Ares Management LP have sold the suburban office park, Oregon Park, to Lion's Head Investments

Lion's Head Investments makes its first steps into the Romanian real-estate market and announces the acquisition of Portland Trust's and Ares Management's Oregon Park project, which consists of three class A Of

 Read Full article »
Amazon creates more than 650 new permanent jobs in Bucharest

Amazon and Amazon Web Services (AWS) today officially opened a new Corporate Office and Technology Development Centre in Bucharest and announced the creation of more than 650 permanent, technology-focused and c

 Read Full article »
Portland Trust's Oregon Park in Bucharest wins CEEQA's "Overall Building of the Year SEE"

Portland Trust, a commercial real estate developer and asset manager headquartered in Prague, announcesd that Building B at its Oregon Park office complex in the Romanian capital of Bucharest won the 2018 CEEQA

 Read Full article »
US Kellogg's opens new division at Bucharest

The US-based multinational food producer company, Kellogg's announced that it will create 50 jobs at its Bucharest centre by the end of 2018, by opening a new division at the Bucharest centre. The new positions

 Read Full article »
Techsylvania 2018 lines up powerful tech specialists at Cluj-Napoca between June 9-12

Techsylvania is the leading technology event in Eastern Europe, built to revitalize the local tech community through high-quality information delivered by worldwide experts in the IT&C industry. Engineers, deve

 Read Full article »
Accenture names Gianrodolfo Tonielli in the position of Country Managing Director in Romania

Starting May 2018, Gianrodolfo Tonielli takes over the position Country Managing Director of Accenture Romania, the company announced.

 Read Full article »
Atos and Google Cloud form a global partnership to deliver secure hybrid Cloud, machine learning and collaboration solutions to the enterprise

Atos, a global leader in digital transformation, has entered into a global agreement with Google Cloud to address the digital transformation needs of enterprise customers. This agreement will see the creation o

 Read Full article »
 
 
MOST READ ARTICLES
» The most appreciated companies from th...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» DTZ: Office demand outside Bucharest t...
» Capgemini to open new office at Suceav...
» Molson Coors started to grow its busin...
» Romania, Europe's third and world's 13...
» Committed to growth
» Romanian software group expands to Bul...
» EXCLUSIVE: ABSL Timisoara - BPO and SS...
» Genpact's COO: Staying ahead of the cu...
 
EDITOR CHOICE
We meet again at OT Learning & Development on June 7th

The Second Edition of OT Learning & Development roundtable will be held on June 7, 2018 at InterContinental Hotel Bucharest. The event brings together the business services professionals to discuss and discover

 Read Full article »
The Outsourcing industry announces its winners at Romanian Outsourcing and Shared Services Awards, 2018 edition

Last night, Outsourcing Today and the Diplomat-Bucharest awarded the performance and excellence in business at the 4th edition of Romanian Outsourcing and Shared Services Awards ceremony, organized at Radisson

 Read Full article »
Ciprian Dan, Wipro BPS: The industry needs to take a more sophisticated turn

According to Ciprian Dan, Location Head at Wipro BPS, the language skills have not ceased to remain one of the competitive advantages for our market but to relate to this advantage as the sole plus is risky on

 Read Full article »
Olga Botusan, Stefanini: There is a huge need to develop particular skills for specific areas

Stefanini is a company strongly involved in the business shared industry not only for creating the demand for workforce and hiring but also for the programs developed in order to specialize the needed professio

 Read Full article »
Romanian Outsourcing & Shared Services Summit: In the search of the best strategy to stay relevant

Currently, according to companies operating in outsourcing and business shared services in Romania, there is an intense discussion regarding the availability of prepared workforce in the industry. Even if the c

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events