Six Categories of Managed Security Services
- On-site consulting
This is customized assistance in the assessment of business risks, key business requirements for security and the development of security policies and processes. It may include comprehensive security architecture assessments and design (include technology, business risks, technical risks and procedures). Consulting may also include security product integration and On-site incident response and forensics.
- Remote perimeter management
This service installs and upgrades the firewall, Virtual Private Network (VPN) and intrusion detection hardware and software, commonly performing configuration changes on behalf of the customer.
- Product resale
Clearly not a managed service by itself, product resale is a major revenue generator for many MSS providers. This category provides value-added hardware and software for a variety of security-related tasks.
- Managed security monitoring
This is the day-to-day monitoring and interpretation of important system events throughout the network, including unauthorized behavior, malicious hacks and denials of service (DoS), anomalies and trend analysis. It is the first step in an incident response process.
- Penetration and vulnerability testing
This includes one-time or periodic software scans or hacking attempts in order to find vulnerabilities in a technical and logical perimeter. It generally does not assess security throughout the network, nor does it accurately reflect personnel-related exposures due to disgruntled employees, social engineering, etc.
- Compliance monitoring
This includes monitoring event logs not for intrusions, but change management. This service will identify changes to a system that violate a formal security policy for example, if a rogue administrator grants himself or herself too much access to a system. In short, it measures compliance to a technical risk model.
The decision criteria for engaging the services of an MSSP are much the same as those for any other form of outsourcing: cost-effectiveness compared to in-house solutions, focus upon core competencies, need for round-the-clock service, and ease of remaining up-to-date. An important factor, specific to MSS, is that outsourcing network security hands over critical control of the company's infrastructure to an outside party, the MSSP, whilst not relieving the ultimate responsibility for errors. The client of an MSSP still has the ultimate responsibility for its own security, and as such must be prepared to manage and monitor the MSSP, and hold it accountable for the services for which it is contracted. The relationship between MSSP and client is not a turnkey one.
An MSSP may offer any of the following services:
- regular vulnerability assessments, whose reports are given to the client, and penetration testing
- management of the client's network firewall, including monitoring, maintaining the firewall's traffic routing rules, and generating regular traffic and management reports
- intrusion detection management, either at the network level or at the individual host level, providing intrusion alerts to a client, keeping up to date with new defenses against intrusion, and regularly reporting on intrusion attempts and activity
- providing mitigation support after an intrusion has occurred, including emergency response and forensic analysis
- content filtering services, for electronic mail (i.e. email filtering) and other traffic
- data archival
Although the organization remains responsible for defending its network against information security and related business risks, working with an MSSP allows the organization to focus on its core activities while remaining protected against network vulnerabilities.
Business risks can result when information assets upon which the business depends are not securely configured and managed (resulting in asset compromise due to violations of confidentiality, availability, and integrity). Compliance with specific government-defined security requirements can be achieved by using managed security services.
Read more about this topic: Managed Security Service
Famous quotes containing the words categories, managed, security and/or services:
“All cultural change reduces itself to a difference of categories. All revolutions, whether in the sciences or world history, occur merely because spirit has changed its categories in order to understand and examine what belongs to it, in order to possess and grasp itself in a truer, deeper, more intimate and unified manner.”
—Georg Wilhelm Friedrich Hegel (1770–1831)
“The child knows only that he engages in play because it is enjoyable. He isn’t aware of his need to play—a need which has its source in the pressure of unsolved problems. Nor does he know that his pleasure in playing comes from a deep sense of well-being that is the direct result of feeling in control of things, in contrast to the rest of his life, which is managed by his parents or other adults.”
—Bruno Bettelheim (20th century)
“The contention that a standing army and navy is the best security of peace is about as logical as the claim that the most peaceful citizen is he who goes about heavily armed. The experience of every-day life fully proves that the armed individual is invariably anxious to try his strength. The same is historically true of governments. Really peaceful countries do not waste life and energy in war preparations, with the result that peace is maintained.”
—Emma Goldman (1869–1940)
“The community and family networks which helped sustain earlier generations have become scarcer for growing numbers of young parents. Those who lack links to these traditional sources of support are hard-pressed to find other resources, given the emphasis in our society on providing treatment services, rather than preventive services and support for health maintenance and well-being.”
—Bernice Weissbourd (20th century)