Q&A: Software-as-a-Service and Threat Management
by HNS Staff - Monday, 7 July 2008.
2. I’d pay special attention to the readiness of your security team. While I do not believe security should be managed internally, there always has to be an internal team that understands security, technology and your business. Companies that use MSSPs are especially sensitive to this – often outsourcing is seen as a green light to drop your guard. Truth is that in a triage situation, when fast response and well thought out action matters, no service provider can really be a surrogate for well prepared staff. Only the people who can truly understand business risk should handle response to critical situations. Have the roles assigned, procedures reviewed and incident response plans tested before something happens. Make sure the communication, command and control paths are crystal clear. This could mean the difference between full breach or data leak, or a close call.
With the constant evolution of threats, what kind of technology challenges does Alert Logic face?
Integration with other vendors and data sources is right at the top of the list. The software-as-a-service model opens up very unique opportunities that security products have not began to leverage. Everyone knows what mashups are – you take a Google map and blend it with LinkedIn. It’s not rocket science. But what if you could do the same with SaaS security products? Geolocation, reputation services, identity awareness come to mind. Possibilities are endless.