Managed Security: It’s About Trust and ROI

MSPs can provide cost-effective, trusted firewall management services that secure the customer’s business and keep their bottom lines healthy.

By Jody Brazil

Security concerns and tight budgets persist, so the challenge to “do more with less” will carry further into 2010. To do more with less, organizations have found ways to reduce expenses while retaining efficiency and performance. In many cases, they have been able to accomplish this by gradually outsourcing their IT initiatives to managed service providers (MSPs), a trend that has created new and profitable opportunities for MSPs in all IT sectors.

Organizations recognize that outsourcing IT security management functions can lead to significant cost reductions; however, their security outsourcing decisions aren’t based solely on savings. Before an organization will hand over its security to an MSP, the MSP must prove that it can provide both savings and a high level of trust.

An example of just what trust means can be found in two investment banking scenarios:

Scenario 1: You put your money into a bank savings account. You receive a modest return on your investment while history, government-backed insurance, and transparency into your account provide you with a high degree of trust or confidence that your money will be available when you need it.

Scenario 2: You invest your money with a Bernie Madoff–type of investor. Although you’re promised an incredible return, you have little to no trust or confidence in this investment scheme, as history proves there is significant risk involved and little to no transparency into the investment activities.

When it comes to IT security, what sort of analogous scenario do you think most organizations are going to choose? While some may take gigantic risks, most organizations will select an MSP that provides the type of trust outlined in the savings account scenario.

Today, solutions are available that enable MSPs to provide cost-effective managed security services and the high degree of trust that customers demand. This is especially true in the managed firewall services sector. When choosing a managed firewall services solution, MSPs should look for technologies that:

• Provide an ROI significantly lower than what it would cost a customer to manage the process in-house
• Raise security and compliance postures to levels that ensure threats are being managed and regulations are being adhered to
• Automate significant portions of management tasks, reducing daily management operations costs while increasing accuracy and auditing capabilities
• Integrate into the existing change management and workflow tools to capture change justification with policy modifications
• Enable the MSP to provide its customers with visibility into the firewall operations, giving them confidence and assurance that they can trust the MSP with their security initiatives
• Offer compliance reports that customers can use to prove to auditors that they are adhering to regulations and standards
• Provide policy optimization, which improves performance and security by identifying unnecessary rules that can open security gaps and degrade overall firewall performance 

Managed firewall services provide considerable benefits to both the customer and the MSP. With the right tools and processes, an MSP is in a position to offer a significantly better service to the customer at a reduced price while maintaining healthy margins to ensure a sustainable business.

JODY BRAZIL is founder and CTO of Secure Passage, a provider of firewall management solutions based in Overland Park, Kan. He is an entrepreneur with two decades of executive management experience and domain expertise in network security design, assessment, and product implementation.