- Get a grip or you don't get the job
- Desktops of the future here today
- Researcher hides IE attack on Web
- Cisco third quarter 2008 channel stuffing
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
Before now, midsize customers settled for either an expensive and complex array or low cost solution that lacked functionality. Now experience virtual storage with enterprise class functionality at an affordable price.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
HP's Network Lifestyle Management can help you automate network processes and improve NOC efficiency. This webinar is part three of a four part series on Business Services Management (BSM) evolution to help you better align IT with business objectives. Register for this event scheduled for Wednesday, January 30, 2008 at 11:00 a.m. PDT/2:00 p.m. EDT to learn more. Register for this live webcast now.
So the line of defence remains is "PIN NUMBER" Wowww what a strong security ? HSBC , invest some money...- Anonymous
Security demands for online applications such as e-commerce and Web services are prompting more corporate customers to hand off security functions - such as intrusion detection and firewalls - to outside service providers.
Users are finding that third-party security service providers can also help augment an internal security strategy by preparing reports required by many new government regulations.
As a result, the trend toward outsourcing security functions, which peaked during the Internet boom, is slowly angling upward again as companies discover that handing off routine security activities enables them to focus internal security expertise in more critical areas. However, hurdles remain, and many companies still prefer to keep such sensitive IT functions in-house.
"As we've seen the economy pick up over the past six or eight months, we've seen companies turn to outsourcing because they want to use their security staff to address security needs for e-commerce and VPN and Web applications - the let-the-good-guys-in sort of stuff to connect with customers, partners and employees," says Kelly Kavanagh, a principal analyst at Gartner.
"The routine monitoring and maintenance of firewalls and monitoring of [intrusion-detection system] traffic for alerts are things they're finding have a great impact on their staff time and is something they can give to somebody who does that 24-7," he says.
Since the beginning of the year, clients have had more questions about outsourcing security and more are on the brink of contracting with service providers, Kavanagh says, adding that "the question now is 'who,' not 'whether' or 'if.'"
Still, analysts note that the move to outsource security functions is a slow one. One reason is that the so-called managed security service provider market continues to consolidate - Level 3 Communications acquired Genuity early last year, and VeriSign snapped up Guardent in February this year - leaving some enterprise customers wary about contracting with a firm that might not be around in a few months.
Gartner expects consolidation to continue as smaller players band together to compete with larger providers and those large firms seek to expand their security expertise through acquisition.
In addition, companies for a variety of reasons are still reluctant to hand off security functions to outside parties.
Willis Marti, associate director for networking for computing and information services at Texas A&M University in College Station, says increasingly complex security needs linked to proliferating viruses, patch management and other issues actually make him more likely to keep security in-house.
"The more complex the task, the more difficulty in structuring an agreement with an outside party," say Marti, who oversees a network that connects more than 60,000 users. "Security has to be provided in the context of business operations. . . . There is almost no chance we'll do any outsourcing of security functions. Part of the reason is a special expertise we have, part is because I'm not aware of any really successful outsourcing, and part is the close-to-unique nature of a major university."
John Halamka, CIO of Harvard Medical School and CareGrou p Healthcare System in Boston, began outsourcing network security monitoring to Counterpane in 2001, but brought those functions back inside the organization last year.
"Because we're a healthcare organization it was essential to develop a core competency in doing network security," says Halamka, who estimates his network is attacked about every 7 seconds on average. "With [the Health Insurance Portability and Accountability Act], we wanted to have our own internal staff who could be extraordinarily vigilant and fleet of foot to respond to issues instantaneously and constantly advise how to improve our infrastructure to guard against ever-wily hackers."
It was access to this type of advice that was part of the reason why financial publisher Bowne & Co. in New York outsourced its IDS monitoring to Internet Security Systems (ISS).
"We have a good mix of in-house expertise and good standard operating procedures and a service that has been reasonably priced and has given us access to additional expertise that has been quite helpful," says Ruth Harenchar, Bowne's CIO.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
