Managed Security Services
Threats to enterprise networks have increased today. Viruses and worms spread between networks in a few hours, giving network administrators organizations very little time to set up defenses. Network operating systems and applications aren't perfect; hackers soon exploit weaknesses or loopholes in software to gain entry into corporate systems. Patches and fixes aren't available fast enough. Even if they are, many forget to update their software. Remember the recent Slammer worm incident?
Today's measures don't measure up The 2003 CSI/FBI Computer Crime and Security Survey found that firewalls, anti-virus solution, software and physical access controls form the basic security framework for majority of the organizations. Inspite of deploying these controls the survey found:
- Theft of proprietary information causes the greatest financial loss
- Second most wide spread and costly computer crime is Denial of Service.
- Virus incidents and insider abuse of network access are the most cited forms of attack.
To put the above finding in perspective, we need to understand that the scope of work that needs to be performed to manage security infrastructure is vast. It requires a wide range of skill sets to manage the security framework. In order to be able to perform the various tasks that are relevant to managing your security infrastructure effectively and efficiently, there is requirement of a seasoned well-trained security staff. More often than not, this is not the case, leading to security breaches.
Managed Security: A more effective option
Global trends suggest that managing network security is best outsourced to a service provider with the right skills, expertise and tools. Taking the Managed Security Services (MSS) route can potentially reduce operational and infrastructure costs significantly. As per a survey by Network Magazine (June 2003), 45% of Indian companies have already invested in some sort of outsourcing or are planning to invest in it. According to IDC, Managed Security Services Market Forecast, 2001-2006 for India is 6.5 US$ Million.
With MSS, you outsource the task of maintaining your security software and systems - so that it is always up-to-date and ready to counter the next threat. MSS relieves you from the task of strengthening your network defenses - so that you can concentrate on your core business processes. For example, an anti-virus software vendor can regularly 'push' the latest virus definitions and software updates to your server via the Web. another case, a service provider can monitor your network for intrusions a 24 x 7 basis from his network operations center. He can also provide 'managed' VPN and Firewall services.
MSS: Need based solutions
So what are the types of security services that can be outsourced? Several really. It only takes a bit of digging to identify the MSS to fit the criteria your company. Are you just looking for a monitoring solution? Or do you want complete outsourcing, which would include designing, procuring, implementation and maintenance? Or would you like periodic audits and assessments?
Types of the MSS available in the market today are:
- Managed Total Protection Services
- Managed Firewall Services
- Managed Gateway Services
- Managed Intrusion Detection Services
To get a deeper insight into managed security services, please mail us esbmarketing@sifycorp.com for a whitepaper on Managed Security Services
– Montu C Mantha, Associate Consultant Enterprise Security Services
|
