Why Managed Security Services are so Popular in Financial Institutions
by Carl Annicq - EVP Corporate Account Program and Business Development for Ubizen - Friday, 20 June 2003.
Providing the resources to maintain and monitor the environment on a 24-hour basis requires a lot of manpower. The costs are therefore expensive. By outsourcing time-consuming, repetitive tasks, FSPs can focus their own security resources on activities that support the security objectives, such as overall policy compliance. Selecting a quality managed security services partner will allow institutions to increase their security profile while managing the costs.

As stated earlier what is being outsourced is the operational aspects of some security technologies. Organisations will not and should not outsource their security responsibilities. They will still need to develop a security management infrastructure and supporting processes. This will include the security outsourcing and how the security partner interfaces with the FSP. Perhaps a better term is "co-sourcing", to indicate the overall control and responsibilities that the FSP retains.

For an organisation to achieve the best results the security infrastructure needs to be in place or at least defined, before they invest in any Internet security products or services. Organisations need to carefully select the appropriate co-sourcing partner. They will also need to pay due care to the terms and conditions of the contract. This will have to capture the types of service and service levels required by the organisation, not those that can be provided by the supplier.

Key criteria for selecting a managed security service provider will be the responsiveness and the quality of the services provided. Trust in the supplier will also be an important factor as will a global presence for large international organisations.

One possible pitfall which should not be underestimated is the internal politics that can arise. Technical operational teams may well resent and resist attempts to take ownership of their cherished firewalls away from them. While not strictly true in that the teams will still own the equipment and specify what changes are to be made, it is still a difficult mindset to overcome. Care has to be taken to involve all parties and ensure a smooth transition from the in-house support teams to the co-sourcing supplier.

While there are possible pit falls when co-sourcing to a managed security services provider, the substantial benefits are there to be gained. This is why so many institutions are considering engaging a managed security services partner. For the maximum benefit it will need an initial effort on the part of the client organisation to select a supplier and then to specify the services required. However, such effort would be well rewarded.

FSPs have been outsourcing their physical security for decades, including the key security requirements for the transferral of funds. The outsourcing of electronic security is the next logical step.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th