|
Managing the growing list of
security threats facing organizations today can be difficult, time consuming
and expensive. Unwanted spam, computer viruses, spyware or sophisticated
phishing scams all have the potential to seriously impact business
continuity and compromise an organization’s intellectual property.
Additionally, organizations need to be more sensitive to how data is
transmitted, to ensure compliance with industry regulation and privacy law.
Today, managed security service providers (MSSPs) are
available to help implement hosted solutions–to identify and stop threatening or
uncontrolled content. Traditionally, MSSPs deliver a range of network-based
services and applications. Often viewed as a “hosted solution†or a type of
outsourcing, focus areas can range from secure messaging solutions (spam,
viruses and content control) to intrusion detection and firewall services. The
one characteristic these services have in common is that they are performed
outside the customer’s network.
Among the possible benefits of using an MSSP are:
-
flexibility and scalability;
-
no affect on bandwidth, security or business continuity
since e-mail traffic is routed through the MSSP, where it is filtered of
malicious content;
-
little is required of the customer during the
installation process, as these services are designed to leverage a
customer’s existing technology environment;
-
customers do not need to worry about additional
bandwidth costs, scalability challenges or business continuity;
-
updates, upgrades and maintenance are all centrally
managed by the MSSP.
With increased regulation, such as HIPAA or Sarbanes-Oxley,
organizations also are turning to MSSPs for content-control services, designed
to monitor inbound and outbound e-mail for confidential, offensive or sensitive
data. This also protects organizations and their employees from being bombarded
by inappropriate content (pornography) or from sending sensitive data by
accident.
With content-control services, administrators set policies
and rules to search for certain keywords and attachments as they pass through
e-mail. Additionally, administrators can set policies to manage the attachment
characteristics and monitor what documents are sent and received via e-mail.
Inappropriate images can also be managed through a content-control service.
In most cases, administrators should have the opportunity to
work with the MSSP to customize and tune the service. This ensures the solution
is in line with business and technology goals, as well as company policy.
Buyers that choose to adopt the managed services approach
should expect to sign a service level agreement (SLA), a contract that details
the performance criteria the MSSP will meet during the time period of the
agreement. It also includes details on the customer’s rights in the event a
service fails. A buyer should have its legal counsel review the SLA before
signing.
The cost of a hosted solution varies based on the type of
service that is being provided. In most cases, the cost is based on a variation
of time and the number of people using the service.
Buyers should consult third-party resources, including
industry analysts who are experts in their respective market areas. Lastly,
before making a final decision, request to speak with a customer reference of
comparable size in a related industry for first-hand insight into their
experience.
For more information from
MessageLabs:
www.rsleads.com/512cn-261
This article was provided by Mark Sunner, chief
technology officer at MessageLabs, New York.
|