Service guarantees
And these services should all be set out in the service level agreement. (SLA). When it comes to the SLAs however, things tend to get tricky. Be aware that outsourcing security management does not mean that your company is now guaranteed 100 percent safety. Further, if a breach occurs and it costs your company millions, don't expect the provider to be responsible for that.A security service provider cannot guarantee you will not be attacked, but it can guarantee certain service levels, for example, how long it should take to respond to an attack, how quickly the problem is resolved, how quickly to warn you of a breach or vulnerability, and various reporting levels.
Stocker can tell you all about contract woes; his road to outsourcing security has not been without difficulty. Firstly, when discussing the service with Zento, it ended up being too expensive. So it took some renegotiation of the service, and Stocker decided that Parmalat would actually own the CheckPoint firewall which brought the price down.
He was ready to sign the contract, but it first had to be checked with Parmalat's lawyers, due to company policy. Then the trouble started. The lawyers came back and said Parmalat's insurance company would not be happy with the contract, because it would mean handing company risk over to Zento who would not actually be liable. If a security breach occured and Parmalat incurred financial losses, Parmalat would be turning to its insurer. The insurer would then be turning to the security service provider, Zento, who under contract wasn't liable for the damage.
The contract was discussed with Parmalat's lawyers and Zento's lawyers for three months, trying to find agreement. According to Stocker, eventually Zento said it could move no further because it would be putting itself at risk, so Stocker and Zento had to come up with another plan.
"We sold him a CheckPoint firewall in high-availability mode and at the time we were talking managed security, but the company policy would not let a third party manage it, so Guy bought the technology and we created a derivative of our services," says Argyropoulos.
"So he manages the firewall and manages the risk, and we provide the monitoring 24x7, a secure Web portal, monthly reports, the alert and escalation procedures, and the technical expertise. He manages the updates to the firewall, the maintenance, and he puts in the policy in the firewall."
It means that Stocker no longer has to keep up to date with the latest patches, and he doesn't have to spend his time trying to be up with the latest technology, but if anything needs to be changed, the decision has to go through Stocker first.
"We've gone to a halfway arrangement... I get them to do the updates, I get them to do the patch updates, but I do that on a per hour basis, so if there is a new service pack to go in or a new upgrade, I employ their services to do that," explains Stocker. "They can't make changes to the firewall infrastructure; they can't make changes to the rule, and they can't do policy updates."
For Zento, its deal with Parmalat was a first; no other customer had broken down the service like that before. Argyropoulos says Zento saw the opportunity for that type of service and now offers a suite of managed services. He sees the managed security service growing faster than the outsourcing environment, and is now providing a service like the one provided for Parmalat, for three other companies
As for Stocker, he is very happy with the service he receives from Zento, but he says his preferred option is still to fully outsource.
"If I didn't have the legal obligations of the contract I would do it tomorrow," he says.
Who's out there
Following are some managed security service providers we came across when researching for this article. There are so many that we couldn't include them all, but this list should get you started.
AT&T
AT&T offers a range of security services, including managed premise-based firewall services (Nokia, Checkpoint); Security consulting; network scanning services (vulnerability and virus); and managed intrusion detection.
Bulletproof Networks
Bulletproof Networks specialises in providing Internet security including gateway and router management, managed, shared and dedicated hosting, monitoring and reporting services.
Dimension Data
Dimension Data's motto for its security services is protect, detect, respond. Services include planning of policy and procedures, framework production, architecture design and implementation, identity management, remote access, VPN, training courses, managed services, operational services, and vulnerability, threat, and risk assessment.
Equant
Equant works with customers to examine security policies, define the requirements, then tailor the gateway. Equant configures all hardware and software gateway appliances, provides ongoing monitoring and maintenance, and monitors every aspect of the gateway to ensure optimal performance. It offers real-time analysis of firewall log files and monthly traffic analysis reports, and security policy support.
LogicaCMG
LogicaCMG designs, builds and operates security solutions for Australian companies. LogicaCMG offers a broad range of security solutions. Services include Internet gateway hosting, penetration testing network and applications, vulnerability assessments, threat and risk assessments, and business continuity planning.
Logical
Logical offers round-the-clock network security management. Linked with its WAN/LAN and server management, Logical offers full infrastructure protection including security review, vulnerability assessments, monitoring and management of systems, incidents, configurations, software, documentation, and restoration, teamed with the ability to link content filtering, intrusion protection, and virus management.
Macquarie Corporate Telecommunications
Macquarie Corporate offers a comprehensive range of managed security solutions designed to meet the needs of corporate and government organisations. Services include DSD Accredited Gateway Solutions, antivirus, spam/URL/content filtering, and independent professional services including audits, vulnerability assessments, risk and threat assessments, and health checks.
MailGuard
MailGuard is a managed anti-virus and content filtering email management service. MailGuard utilises and supported by Sophos Anti-Virus, Norton Anti-Virus (Symantec) & McAfee (NAI) on a 24x7 basis. Services include: anti-virus and content filtering, spam management, alert and control, with statistics and information accessible from an Internet browser.
TPI
TPI is a global outsourcing advisory firm that manages virtually 100 percent of the large outsourcing deals in Australia. It provides outsourcing strategy, in addition to managing the transaction and the post deal relationship management.
TruSecure
TruSecure offers fully integrated, enterprise risk management services providing proactive risk reduction with real-time security management, monitoring, and response.
Zento
Zento manages firewalls, intrusion detection and prevention systems, and anti-virus solutions from a single platform. False positives are removed and real alerts are managed within SLA parameters. Zento's technical staff have accreditations in the technologies the company supports, including CheckPoint, NetScreen, Cisco, Trend Micro, and Computer Associates.
90East
90East is a leading supplier of managed security services operating secure perimeters, secure hosting and VPN's connecting all tiers of government and any commercial entities transacting with government. 90East operates certified security solutions, combining best of breed products, hardware and software, from its ASIO and Defence Signals Directorate certified Secure Operations Centres. The result is a solution suite enabling organisations and individuals to communicate and conduct business over the Internet.
Subscribe now to Australian Technology & Business magazine.
6%
1%
