Managed security services

There’s no doubt that security is the No. 1 worry of IT executives today. All you have to do is look at the neverending stream of viruses and worms heading for your net to know why. Compounding matters, corporate nets have never been more critical to the productivity and profitability of a company. Just think back a couple of weeks to how much work got done thanks to the Sobig.F and Blaster shenanigans.

This week’s Management Strategies story in Network World examine a trend that many net executives are following: the outsourcing of their security management to a managed security service provider (MSSP). MSSPs can manage a company’s firewall, VPN, intrusion-detection system or vulnerability assessment duties.

Instead of hiring your own in-house staff (complete with the high salaries and benefits), many enterprises are turning to MSSPs, which have specially-trained staffs watching your net 24-7. It’s peace of mind at a price, but one many firms are more than willing to pay. Research firm Gartner says the MSSP market is growing big time, expecting it reach $1.6 billion this year, and increase to $3 billion by 2006.

Our author points to one law firm who thought the cost was justified. San Diego firm Gray, Cary, Ware & Friedenrich has about 900 employees in nine offices. Last fall it began directing its e-mail through FrontBridge to be culled for spam and viruses. CTO Don Jaycox says that works out to about $3 per user, per month, which is half the price of having the same level of security service and expertise in-house.

But not everyone is jumping on the security outsourcing bandwagon. Yes, it’s a greater level of protection, but many executives are wary of turning such a vital job as security to outsiders.

Read this week’s Management Strategies story in its entirety for more pros and cons on the practice of using MSSPs: https://www.nwfusion.com/careers/2003/0901man.html