Access your Pro+ Content below.
Outsourcing security services in the enterprise: Where to begin
This article is part of the March 2013/ Volume 15 / No. 2 issue of Information Security magazine
Enterprises across a wide variety of industries are turning to cloud computing to reduce the burden on their IT support staff, decrease costs and provide services that would otherwise be out of reach. As organizations evaluate the best options for cloudsourcing, attention is naturally turning to information security services because of the high cost of maintaining the hardware, software and staff required to provide these services on-site. However, the options for outsourcing security services are numerous, and not without risk. Fortunately, not every organization’s solution to security outsourcing has to be found in the public cloud. In this article, we look at the managed security service provider (MSSP) landscape and discuss the use of MSSPs for vulnerability management, security incident and event management (SIEM), intrusion detection, virtual private networking (VPN) and more. We also offer advice on how to manage an MSSP relationship to reduce risk. The Benefits and Risks of Outsourcing Security Services The adoption of ...
Features in this issue
Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services.
In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.
The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help enterprises get smarter while keeping consumers happy.
Columns in this issue
Security in the cloud has come a long way and it’s now possible to control the quality of security you get in Web deployments, and to monitor what’s going on in your slice of the cloud.
A security-savvy IT staff can help reduce risk. Learn about information security training and education options for IT professionals.
Marcus Ranum, security expert and Information Security magazine columnist, goes one-on-one with Randy Sabett, counsel at ZwillGen PLLC and formerly with the National Security Agency to discuss cloud SLAs.