When the Sony PlayStation Network was hacked several times in 2011, it exposed the very personal information of 77 million online gaming customers, including passwords, addresses and credit card details. More importantly, it revealed the vulnerabilities of websites and systems from cybercriminals.
Things haven’t really changed much in 2012. The just released January 2012 Symantec Intelligence Report revealed that while spam and viruses have been on the decline since the latter half of 2011, the types of attacks have changed. Phishers and spammers are being more specific in their targets and their attack approaches have become much more sophisticated. Some have started to use legitimate database sources and even recognizable brand websites. In addition to popular social platforms, malware purveyors are also using real distribution lists to improve their success rates.
Spammers have discovered that small to midsized businesses or SMBs are easier to target because they don’t have the same resources as the big boys to counter threats coming from the Internet.
And while the growth of the Internet has become the preferred channel for attacks, the Internet has also become an enabling platform for the creation of cost-effective security solutions that cater to just about everyone. Managed security services (MSS) is a systematic approach to managing an organization’s security needs. Usually outsourced to a service provider that oversees other companies’ network and information system security needs.
Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies. There are products available from a number of vendors to help organize and guide the procedures involved. This diverts the burden of performing the chores manually, which can be considerable, away from administrators.
What makes MSSPs popular with SMBs, particularly in Asia, is the relatively cost-effective offerings available in the market. From simple web filtering of emails, to 24×7 protection of websites and e-commerce applications, MSSPs use economies of scale to offer the same level of protection previously only afforded by large enterprises. After all, can you afford to hire an information security professional and keep these experts reasonably up-to-date with the latest in infosecurity best practices? Probably not!
With global ecommerce estimated to have reach USD711 billion in sales in 2010 (eMarketer) and China’s growing affluent consumers projected to spend USD134 billion online by 2012 (IDC), businesses of all sizes are scrambling to ride on this opportunity. But like all new ‘blue ocean’, caution must be exercised and efforts protected to ensure that risks are mitigated in this journey towards a globally connected world.
Like all things outsourced, identifying the right MSSP presents both an opportunity and a challenge. Just as importantly, identifying the right technology that offers the right level of security will be critical towards ensuring that your investment goes a long way towards achieving your business objectives.
A central tenet all MSSPs often choose to keep secret is the ability to use automation to deliver uninterrupted service 24×7. Partnering with innovators like Parallels has allowed many hosting service providers like us to achieve the economies of scale our business demands while ensuring our customers remain secure in the knowledge that their systems are protected 24x7xforever.
In my coming blog, I will list out proven steps to identifying what to look for in your MSSP so you are able to protect your investments and achieve the best outcome for your money. I’ll also uncover some of the best kept technology secrets in the hosting business. Stay tuned.