As data centers have become more important to companies’ operations, they have also become an increasingly large target for attacks. Yet while implementing strong data center security should be a priority, many organizations may not have adequate resources to handle the process in-house, according to a recent Data Center Journal article. Instead companies may want to consider outsourcing the task to a managed security service provider.
Data Center Journal noted that many companies outsource to some degree, as the practice provides a way of letting organizations focus on their core business while entrusting other tasks to experts. In the case of security, a third-party service is likely to have knowledge of the latest threats and data protection compliance considerations beyond what in-house personnel can provide, the site said.
“If you lack the in-house personnel and the requisite available capital to implement your own full-fledged security program, a security partner may be the right choice,” Data Center Journal’s Jeff Clark explained.
Guidelines when choosing a security partner
Data Center Journal pointed out the importance of choosing the right provider to help with data center security, noting Computer Weekly’s reminder that the responsibility for a data breach ultimately lies with the original owner of those assets. As a result, both sites were adamant that choosing a security provider requires making an informed decision.
Data Center Journal noted that organizations should look for a provider that offers the services they currently need as well as options to support future ambitions. Additionally, the publication advocated finding a provider with experience handling regulatory compliance issues for firms in a variety of industries, particularly the medical and financial service sectors.
Both of these points were reiterated in an IBM white paper, which emphasized finding a provider with broad offerings as a safeguard for the future.
“Your security needs are continually evolving with the dynamic nature of your business environment, the inﬂux of new threats and changing regulatory requirements,” IBM researchers noted.
Other factors cited by Data Center Journal as attributes to look for in a provider included its stability, its ability to work with multiple hardware vendors and its reputation. By obtaining a list of current clients and getting a sense of a provider’s resources for dealing with a threat, organizations can get a good sense of the provider’s reputation and abilities, the site explained.
The IBM white paper reinforced this point as well, with several items on its checklist of guidelines addressing a provider’s reputation, customer service history and expertise as a security thought leader. Providers whose researchers are at the forefront of uncovering the latest attacks offer specific value, as do those who have high customer retention rates, IBM said.
“Also ensure that their solid reputation stands beside a solid vision for the future,” the company’s analysts added. “Make sure that the provider is investing in their portfolio of solutions and services, and has a clearly deﬁned strategic roadmap that aligns with your security goals.”
IBM researchers advocated for a strong web-based management tool to help existing IT staff oversee data security in real time, as well as sophisticated back-end technology that integrates smoothly with existing processes. Additionally, a provider’s technology should be able to tap into common security knowledge resources across its entire customer base, as this added knowledge is one of the benefits of using an outsourced provider.
A final point both sets of guidelines emphasized is making sure that the service-level agreement (SLA) is flexible and scalable, while also ensuring that both parties are clear on where responsibility falls in the event of a breach. Data Center Journal stressed the importance of choosing a trusted provider since data center security has become such a critical part of modern business operations.
Data Security News from SimplySecurity.com by Trend Micro