One of the best things about the Software-as-a-Service model for IT services is that it brings sophisticated, high-value IT capabilities to small and midsized companies that otherwise wouldn't be able to afford such services. Now these companies can get critically important data governance and compliance monitoring in the form of an easy monthly service.
It’s all about the data. Everything that network security professionals do is all for the sake of protecting data assets. That feat is hard enough if you have a large staff of IT professionals, but what if the “IT department” is really just one or two people? Chances are, those few people are just trying to keep the computer systems running smoothly, and they don’t have the time – or the expertise – to monitor data for real-time threats or violations of policies and regulations.
At the same time, SMBs have the same needs as large enterprises to protect their data assets and comply with regulations such as HIPAA and Payment Card Industry (PCI).
For example, the Philharmonic Center for the Arts in Naples, Fla., has a small network of about 100 computers. The center accepts credit cards for transactions at its box office, gift shop and café and on its Web site. The PCI Data Security Standard (DSS) dictates that a card holder’s account and transaction information be protected in specific ways that would overwhelm the center’s two person IT staff. As the network administrator puts it, “It’s a big hassle to maintain data and understand it.”
The arts center has found a solution to its data security and compliance needs through a service offered by Alert Logic, an IT compliance and security company based in Houston. Alert Logic automates the collection, review, analysis and archives of security event and log data generated by its customers. If a threat or policy violation is detected, Alert Logic can initiate a remediation response and/or notify the customer of the problem.
Alert Logic’s service offers three basic technologies: log management; intrusion detection; and vulnerability assessment. These are technologies that are often too expensive or too complicated for SMBs to implement on their own. For SMBs, it often makes more sense to rent the use of these technologies and their associated services for a small monthly fee.
Linda Musthaler is a principal analyst with Essential Solutions Corporation.
Partner Content
NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout's nGenius & Sniffer users.
www.netscout.com
Metzler on Service Delivery Management
Delivering IT business value by evolving our thinking from managing application performance to focusing on services.
Learn More
2009 Handbook of Application Delivery
Successful IT organizations must know how to make the right application delivery decisions in these tough economic times.
Download the Handbook
Metzler on the Modern IP Network
Discusses the growing emphasis on network management and the need to implement a holistic view of the end-to-end experience of the user.
Read the Brief