As an outsource security partner BAI provides managed security, managed firewall, managed ids, content filtering, internet security, network security, penetration testing, and vulnerability testing.

Q: I keep hearing about Managed Security Services, but I'm not sure why I would need them. Can you explain more about the benefits and why I should considering outsourcing?

A: Securing information security assets should be a primary concern for companies of all sizes. The impact to business continuance during and after a Denial-of-Service attack or WORM outbreak is significant. Not to mention the legal and operational implications of unauthorized access to confidential data. New disclosure laws that force companies to report such activity can literally break a company.

It's been mentioned before that virus software, firewalls and security policies are a must, but they are certainly not the silver-bullet for information security. Even assuming that your data network is state-of-the-art, IT WILL NOT PROTECT THE ENVIRONMENT ON ITS OWN. It is vital that security protection devices be monitored, events correlated, risks assessed, and responsive actions be immediately taken in real-time on a 24x7x365 manner. Here’s why…

Many attacks on corporate networks happen today in a matter of seconds or minutes in the form of random rapid-fire Denial-of-Service attacks or WORM injection type threats. In addition, there are certainly still attempts to circumvent protection systems that take days, weeks, or longer. The key factors in protecting systems and data from all of these threats can be summarized in the following key tasks:

1) Keeping up on what threats exist
2) Monitoring for lead indicators to an attack
3) Monitoring for specific attack events
4) Monitoring for generic attack methods
5) Correlating events from multiple devices/access points
6) Determining risk-level and responsive action(s)
7) Effectively blocking/shunning source of attack(s) in real-time

You can see from this basic task list that truly securing an environment from real-world security risks is far more than implementing a firewall and possibly a basic Intrusion Detection System (IDS). Securing the environment has less to do with the equipment and more to do with vigilant monitoring, assessment, and reaction to daily security events. Only with constant monitoring by expert systems and personnel that are trained in security event correlation and response could your environment really be considered “well protected”. This concept is an educational process that companies are learning the hard way every day.

The reason that Managed Security Services is rapidly growing in popularity is that it is unreasonable for most companies to implement the equipment, systems, and personnel to achieve an effective level of protection. Download the following whitepaper for a more detailed analysis of what your IT group should be doing in terms of security activities, as well as the ROI advantages of Managed Security Services.

Those companies that are not seeking out Managed Security Service providers are usually either very large companies that already have the staff in-house, those that don’t realize the requirements to protect their environment, or those who live with the risk because they think there are no other cost-effective options. The fact of the matter is that all but the very largest companies would benefit from either improved protection (reduced risk) or reduced costs by outsourcing these security responsibilities to Managed Security Service Providers (MSSPs). Many companies may even significantly benefit in both areas.

It’s no surprise that industry experts predict that the market for Managed Security Services will experience rapid growth, tripling in size between now and late 2005. Companies of all sizes are realizing the tremendous amount of resources, time and effort necessary to keep pace with and resolve vulnerabilities specific to their information networks. Managed Security Services help reduce the risk of vulnerabilities being exploited and also enables IT managers to focus on their core business and core deliverables to the business.

Those responsible for information security are also realizing that vulnerability assessment alone is also no longer considered adequate in securing the environment. Companies that conduct frequent testing for vulnerabilities need to realize that testing is not a one-time activity or even a periodic event. Today, the time between vulnerability discovery and Internet-wide exploitation can be counted in days and sometimes even hours. As a result, companies need a continuous protection program to remain secure.

In summary, here are some of the benefits provided by Managed Security Services:

Cost-effectiveness: Good Managed Security Services Providers provide the best protection in the most cost-effective manner by leveraging top security personnel, equipment, smart-systems, and methodologies across a larger number of security points than most companies could do on their own.
Senior Experts Mean Better Protection: Typically, companies can not justify the cost of dedicated “senior” security professionals because of the small number of security points these highly-paid professionals would be responsible to manage. Managed Security Service Providers can justify the most senior staff due to their much larger and more complex collection of client security points.
24/7 Management, Monitoring and Support: Not enough can be said regarding the benefits on constant monitoring, assessment, and response. A good Managed Security Service Provider utilizes smart-systems and personnel on a 24x7x365 schedule to ensure real-time responses to security threats.
Guaranteed Responsiveness: Good Managed Security Service Providers provide a Service Level Agreement (SLA) that states exactly how much time it takes to perform notification, blocking activities, responses to support issues, and even the delivery of Management Reports.

The number of companies that offer Managed Security Service Providers (MSSPs) are growing. Many companies that have always offered traditional IT consulting services are adding security options to their suite of common services. The criteria for selecting a MSSP is an entire article on it own. With that said, be sure to research your potential vendors, check references, closely compare Service Level Agreements (SLAs), ensure they “actively block suspected intruders” as a normal part of their process, and talk with those people who will be responsible for protecting your environment. You should have direct access to those individuals who will become an extension of your IT team.

Contact us at BAI Security with any questions or for additional details.