The pros and cons of MSSPs
Part 1: 10 reasons to outsource security
Computerworld - More companies are outsourcing part of their security infrastructure, including firewalls, intrusion-detection systems and virtual private networks, to managed security service providers (MSSP).
There are many reasons why outsourcing may be a cheaper and better way to go. Note that I said "may be" because everything depends on your requirements. If your requirements dictate that all your security devices must be in-house and only two administrators will have access to them, then outsourcing isn't for you. So the first thing you need to do is to document your requirements.
Here are some reasons why outsourcing is an option.
MSSPs can get much better deals from vendors than you can on your own, so hardware and software will be cheaper. Let's do some simple calculations. If you decide to run firewalls in-house, the cost of a pair of Cisco Systems Inc.'s PIX 525 retail plus maintenance is about $20,000. The cost of a dedicated security engineer plus training will cost at least $110,000. (That's a low figure because I haven't added corporate overhead, which could be another 30% to 40%.) Take that over three years, the usual length of the depreciation period, and it costs about $10,000 per month. You can get it for much cheaper with an MSSP.
Generally, you can get a decent service-level agreement (SLA) for $1,000 to $2,000 a month. Over three years, that's quite a big savings.
2. Hardware upgrades
This section may be different depending on the MSSP, so be sure to ask if you are looking to outsource. Basically, hardware gets obsolete very quickly. If you buy your own hardware, in three years, you'll have to spend more money to upgrade. The original investment you made will become a paperweight. But if you go with an MSSP, you can get the hardware upgrade as part of your SLA. For example, let's say Nokia Corp. decides to upgrade its IP350 system to a faster processor. The MSSP would be able to upgrade you for free, whereas without one, you would have to spend money on your own.
3. Software upgrades
As with hardware upgrades, you can get software upgrades included in your deal with the MSSP. Software upgrades are sometimes part of the product maintenance cost (Cisco's PIX 6.1 to 6.3) or an additional cost (Check Point 4.1 to Check Point NG). On your own, you would have to shell out a 15% to 25% maintenance fee, plus whatever additional cost there is to upgrade. With an MSSP, the cost would be covered by the SLA.
4. Vendor support
Because MSSPs buy so much
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts