Most businesses have trouble keeping up with today’s constant barrage of cyber threats. Many are turning to MSSPs (managed security services providers) to protect their networks cost-effectively and reliably. But choosing an MSSP requires thought and research. Not all offer the same levels of protection, so you should focus your search on a provider with a solid track record and reputation. Here are 10 best practices to follow when selecting an MSSP.
1. Getting to Know You: The first clue that you’re talking to the right MSSP is that the provider asks about your business needs and strategic goals. A provider needs to learn your IT environment to properly secure it. If a provider doesn’t ask enough questions about what’s in place, how it’s used and which users need what level of access, you probably should find another provider.
2. Reputation Matters: Handing over IT security to a third party requires trust. Ask for references and get feedback from existing customers about the MSSP’s reliability and expertise, and how responsive it is when clients need support. Find out if the MSSP has stopped any threats and, if remediation was required, how effective it was.
3. Menu, Please: Security requires more than firewalls, patch updates and antivirus. These days, you need functions such as asset discovery, vulnerability assessments, intrusion detection, log management, threat intelligence and behavior monitoring. If an MSSP doesn’t deliver these functions, it may not be able to fully protect you in a business environment where 1 million new malware threats are released every day.
4. All Covered: With today’s elevated threat levels, you can’t take your eyes off the ball. That’s why you’ll want an MSSP that takes a holistic approach, preferably by implementing a SIEM (Security Information and Event Management) solution. SIEM provides complete visibility into your environment. Your provider also should offer integrated threat intelligence to accelerate detection of new threats and – if ever needed – effective remediation.
5. Technical Knowledge: Some MSSPs focus on specific security areas or do little more than monitor your environment. That may not meet your needs. Be sure to check on the MSSP’s levels of expertise and experience. Ask about its technical team: how much experience it has and what certifications its members hold. A well-rounded MSSP should have experts in multiple areas of IT security, and they should attend regular training to keep up with new and evolving threats.
6. There For You: It’s one thing to have the best technology and a well-trained staff, but what happens when the customer needs support? An MSSP needs to be responsive and ready to respond to any inquiries you may have about their service or new threats. Considering what’s at stake – your business data – you need a provider that responds promptly to your calls, especially if you believe a breach is underway.
7. Keeping It Together: An MSSP, like any other provider of remote and cloud-based services, functions better by leveraging automation and repeatable processes as much as possible. All processes and procedures should be documented and understood. If the provider is unclear or unable to explain its services, take that as a sign it might struggle to deliver on promises.
8. Human Factor: So you’ve done your homework and contracted an MSSP that secures your data. But who secures the users? Human action, malicious or otherwise, plays a major role in security incidents, which explains why cybercriminals rely so much on phishing to deliver malicious payloads. Find out if your MSSP offers training to teach users how to spot and avoid cyber threats and break risky practices that can result in a security incident. If your MSSP doesn’t provide training, consider finding a third party that does.
9. It’s the Law: Aside from protecting your IT environment, your MSSP must have the tools and know-how to help you comply with all applicable privacy and security laws. The MSSP must know what laws apply to your particular business, and, from a technology standpoint, the provider should offer functionality such as asset discovery, vulnerability assessment, intrusion detection and log management. The MSSP should also provide the ability to integrate data from legacy security tools to ensure compliance.
10. Value vs. Cost: When contracting an MSSP, you’ll want to know upfront how much the provider charges and exactly what you’re paying for. Try to get the best possible rates, but avoid basing decisions strictly on cost. Keep in mind the value of the security services, and how much it can cost a business to recover from a security incident, especially when valuable private records and business data are stolen.
For more information on Harmony Tech’s Managed Security Services offering, click here.