Managed security refers to outsourcing the function of monitoring and management of security devices and systems to a third-party provider. Common services that are managed include firewalls, intrusion and detection processes and systems, virtual private networks, scanning for systems vulnerabilities and providing anti-virus services.
Managed security service providers use high-availability security operation centers, either from their own facilities or those from other specialized data center providers, to provide 24/7 services. The main advantage of outsourcing the security function for organizations is that it reduces the number of security personnel an enterprise needs to hire, train and retain to maintain an acceptable security posture. This is because such professionals are difficult to find and the security risk environment is changing constantly.
According to recent research, while most organizations maintain an in-house security team, over 80% of IT professionals said that they had either already or planned to partner with outside managed security providers. This is because organization’s face daily threats to information security from a wide range of sources including data destruction or corruption, malware, intellectual property theft and ransomware attacks. The continuing skills shortages in this area and their own resource constraints make managed security service providers a necessary asset in their security planning and execution.
This is because managed security service providers take a systematic and holistic approach to information system security. Aside from the 24/7 monitoring of production systems against attack they also oversee the installation of security patches for software, perform on-going vulnerability assessments, security audits and are immediately available to respond to a high-level attack. They also use advanced software tools for security management that automate the filtering and assessment of multiple events that may be a potential security risk since performing these tasks by an organization’s administrators manually, particularly for large networked systems, is an almost impossible task.
Following are some of the types of security providers that operate in the managed security space:
• On-site Consulting – offer assistance to a business in assessing business risks and requirements related to security and help develop policies and procedures to mitigate them.
• Perimeter Management – these services manage the security risks that occur when an organization’s internal network connects to outside networks (such as the cloud or internet).
• Managed Monitoring – this involves the day-to-day detection and assessment of events that may pose potential security risks such as unauthorized access, malicious hacking and usage anomalies.
• Penetration Testing – specialized teams are engaged to attack an organization’s systems to find vulnerabilities both logical and physical.
