Who can you trust?
Although the number of MSSPs in Australia is relatively small, there are still a variety of different options available.
Choosing a provider is first and foremost about matching your requirements to the provider's expertise. Beyond this, there are some criteria you should view as essential.
Damian Thompson, general manager of MSSP Zento, says that a reliable provider must have:
- At least 18 months' working capital to support operations
- Dedicated 24 x 7 x 365 Security Operations Centre (SOC)
- Technologically advanced and secure data centre infrastructure
- Industry accredited and experienced IT security staff
- Multi-vendor support
- Service Level Agreements guaranteeing the delivery of managed services
"With the marketplace the way it is, this is not the time to have financial concerns about the company you're outsourcing your security to," he says.
McAfee's Ray McIntyre agrees. "You need your partners to be sound because you're in it for the long haul."
Having relationships with more than one vendor allows an MSSP to give customers a choice of services depending on their budget and requirements. "A lot of companies hitch their horse to one wagon," he says.
"Having multiple relationships, you're delivering much better value to the client because you're much more aware of what's going on in the marketplace," says Thompson.
"Some of the vendors such as Cisco and Nokia have very good software, but just relying on a single vendor's suite of software is a risk factor," adds Getronics' Peter King.
eSec's Jeff Paine says a good cue that an MSSP's staff are knowledgeable is if they are active contributors to security forums and symposiums.
"There are plenty of other considerations--the nutshell summary is that an organisation looking for an MSSP should try and compare the providers on a level playing field, and never assume anything about the service being provided," he adds.
"Ask the hard questions, and make sure the provider is capable and experienced. Organisations should be completely comfortable trusting the MSSP with their security before retaining their services."
Paine lists three more criteria:
- Scalability: the managed service should be adaptable to a changing network without sacrificing security.
- Seamless operation: it should not be intrusive on daily operations.
- Simplicity: increased complexity is counterproductive; managed services should not increase complexity.
McIntyre agrees that MSSPs should be seen and not heard. "You need to make sure they're deploying the correct technology, they need to be able to push out emergency patches and the like over the Internet from their SOC. You don't want someone constantly in your office tinkering with your systems."
Reporting is also an important issue, according to King. "You need an MSP who's able to prove to you how they're looking after you. We place a big emphasis on reporting. We want to show them where they have flaws so they can go and repair them."