Recent research from the Gartner Group predicts that while less than 3% of global IT services spending was outsourced up to 2004, that figure would jump in the coming years. Such changes in the way businesses operate have brought about new practices in managing IT services.
In recent years, a booming trend of transformation in information technology management has taken place, from in-house HR investments to outsourced services that are accessed when and if needed.
Many corporations outsource their IT functions and network monitoring capabilities onshore or offshore. Where the focus was initially on mainframe management and data processing services, it has evolved to cover a broad range of services ranging from software development to network management and information security.
Over the past decade, multinationals that outsourced their IT functions enjoyed substantial cost savings by taking advantage of the skills and lower labor rates in countries such as China and India.
A recent benchmarking study on outsourcing locations in the Asia Pacific region has placed Kuala Lumpur as a “clear favourite” for locating offshore shared service operations.
The study, by Deloitte Consulting, also described it as a “credible challenger” to traditional offshore outsourcing locations such as India, China and the Philippines.
Business transformation outsourcing, however, has not only given corporations greater flexibility in managing projects using internal software platforms and an improved cost structure for running internal IT services, but has also exposed outsourced services to risks by involving intermediaries in the processing of information and applications.
As such, baseline controls and measures are heavily used these days to evaluate the performance of the outsourced IT services. In many cases, a service level agreement (SLA) is used to define the type, value and conditions of outsourcing services to be provided.
This brings about an interactive outsourcing practice, which drives providers to develop and enhance vertical solutions to meet the same quality and performance standards as in-house applications, while at the same time allowing buyers to seek benchmarking services through outsourcing.
While there is a remodeling of the outsourcing process and standards now and then, many prominent international security vendors aim to capture a larger market share and expand their scope of business by offering expertise in outsourcing management services, predominantly to multinational companies.
Throughout the world, security outsourcing such as Managed Security Service (MSS) has been adopted chiefly by the financial services sector for the past four years.
The objectives are:
- BNM JPI26 and GPIS-1 compliance;
- Check and balance between the IT/IS team and MSS provider;
- Risk mitigation via proactive intrusion detection and escalation via the MSS provider;
- Proactive countermeasures against any cyberthreats; and
- Risk and trend analysis.
Generally speaking, outsourcing helps organisations reduce costs. On the other hand, it gives rise to potential problems that should not be overlooked.
Apart from measures to sustain a certain level of standards in outsourced services, cultural differences and political instability have nonetheless come to the forefront in many offshore outsourcing initiatives.
Emerging Trends in Security Outsourcing
The increasing complexity of Internet security, and the resources required to keep pace with growing vulnerabilities in network operations, make it difficult for organisations to manage an all-encompassing solution that suits their needs.
This is why many organizations have outsourced network security to professional managed security service providers (MSSPs). Experienced MSSPs are able to better manage their requirements with the latest technology, techniques and expertise, and in a more cost-effective manner.
Such services may include:
- Network boundary protection, including security device management services for firewalls, intrusion detection systems (IDS), and virtual private networks (VPN);
- 24×7 security and network monitoring for devices such as firewall/IDS/IPS/AV/VPN;
- Incident management, including emergency response and forensic analysis (may be bundled with 24×7 security monitoring);
- Vulnerability assessment and penetration testing;
- Antivirus and content filtering services;
- Information security risk assessments;
- Data archiving and restoration; and
- Onsite support/consultation.
For the most part, businesses have responded to security threats by deploying solutions that include a variety of single-point security products – firewalls, intrusion detection, antivirus, policy monitoring, vulnerability assessment, and authorization and authentication – from a number of different vendors.
However, such initiatives are useless if the IT staff cannot monitor, understand and respond to security breaches in real time.
Compounding this, the industry has also yet to establish interoperability standards, and most of these products do not work well together. Most corporations also lack the human resources to effectively manage these complex heterogeneous systems, which require constant attention and continual maintenance.
Hence, the key questions management should ask in ascertaining whether or not the organization requires 24×7 network surveillance and monitoring are:
- How many of the security events logged per month are significant enough to warrant a response?
- How do you decide which events are critical to your network and require an immediate, real-time response?
- Do you have the necessary resources and 24×7 surveillance capability to respond to online threats and security breaches while they are happening?
- What can you do to make your security posture more proactive rather than reactive in handling information security threats?
Finding a Managed Security Service Provider
Above, we discussed the trend of IT outsourcing; now let's zoom in specifically on the information security aspect.