Comment: The changing needs of a secure business
Du's Jatin Sahni reveals how to implement managed security services
Back in October 2013, I highlighted the need for the hotel industry to take a safety-first approach to protecting data with managed security systems. But how can hotels best implement such services?
So-called cloud-based services and shared platforms have now brought the concept of managed security services into the mainstream sectors of the hospitality market. At the higher end, vendors have become more flexible at delivering hybrid offerings combining on-premise and remote managed services. This model fits well with the ambitions of organisations that are seeking to reduce their capital expenditure and IT budgets and want the benefit and reassurance of managed security.
Managed security service is a systematic approach to managing an organisation’s security needs. The services may be conducted in-house or outsourced to a service provider that oversees other companies’ networks and information system security, and leverages cost benefits that are passed on to you as a customer.
Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies. There are products available from a number of telco and software vendors to help organise and guide the procedures involved. This diverts the burden of performing the chores manually, which can be considerable, away from administrators while companies can focus on their core competencies.
There are broadly five categories of managed security services as follows:
1. On-site consulting:
This is customised assistance in the assessment of business risks, key business requirements for security and the development of security policies and processes. It may include comprehensive security architecture assessments and design and may also include security product integration and on-site incident response and forensics.
2. Remote perimeter management:
This service installs and upgrades the firewall, Virtual Private Network (VPN) and intrusion detection hardware and software, commonly performing configuration changes on behalf of the customer.
3. Managed security monitoring:
This is the day-to-day monitoring and interpretation of important system events throughout the network, including unauthorised behaviour, malicious hacks and denial of service or distributed denial of service (DoS or DDoS), and is the first step in an incident response process.
4. Penetration and vulnerability testing:
This includes one-time or periodic software scans or hacking attempts in order to find vulnerabilities in a technical and logical perimeter. It generally does not assess security throughout the network, nor does it accurately reflect personnel-related exposures due to disgruntled employees, social engineering, etc.
5. Compliance monitoring:
This includes monitoring event logs not for intrusions, but change management. This service will identify changes to a system that violate a formal security policy for example, if a rogue administrator grants himself or herself too much access to a system. In short, it measures compliance to a technical risk model.
Benefits of Outsourcing
Hospitality IT security staff continue to be hampered by not knowing when and from where business information systems could be attacked. This is because the threat landscape is constantly shifting, with different types of attack and new potential vulnerabilities appearing on a daily basis.
Adoption of a managed security solution not only offers businesses a more comprehensive and proactive defence strategy against cyber threats, but can be more operational and cost-effective than DIY procedures. It is a solution that promises to reduce risk and expenditure.
A MSSP can work in conjunction with clients to set standards for accountability, reliability and protection. The service provider can also design security infrastructure, lower TCO, monitor and manage the end-to-end security operations on a 24/7/364 basis in addition to ensuring compliance standards are met. It means the entire process of managing and monitoring the overall infrastructure of managed and unmanaged services is simplified.
Although the organisation remains responsible for defending its network against security and related business risks, working with an MSSP allows the organisation to focus on its core activities while remaining protected against network vulnerabilities.
Experts agree that provision of a 24-hour managed service improves network security posture and lowers security costs. It is worth exploring the costs of running a traditional set up, where information security is monitored and managed on premises by an organisation’s own IT security staff, and comparing this with the innovative managed security solution model of an external specialist service provider.
About the Author:
Jatin Sahni is vice president of large enterprise and solutions marketing for du. Details: www.du.ae