We are going to admit right from the outset that this post will seem self-serving. We are a company that provides a managed security service, so when we say what we are going to say you’ll think to yourself, “Well, sure. Of course that’s your opinion.” But, we’re going to say it anyway because it’s true. Here it is: Whenever possible, you should outsource your network security.
Now, if we were the only ones to say this, then we probably wouldn’t have said it at all. At least we wouldn’t have said it this matter of factly. But we aren’t the only ones to say it.
A recent report by IDC and sponsored by SecureData was interesting on a couple of fronts. It focused on the use of threat intelligence by 300 large companies in the United Kingdom. For a company like ours that preaches the importance of threat intelligence, all of the conclusions were worth diving into. But it’s the last one that we want to focus on.
This is what it said:
The emphasis there is ours, but it’s worth reading again.
“… our survey suggests that the primary driver for outsourcing is to achieve better performance …”
The 300 companies in the survey each have more than 500 employees. These aren’t small businesses. These are businesses that have budget for IT departments. They can probably afford to hire staff members who can focus on security. Still, they aren’t. That’s because they’ve realized what a lot of smaller companies struggle to see. Often, hiring someone to handle either a portion of your security or someone to manage all of it will get you better results than you can get if you manage it on your own.
That’s no slight on the IT staffs at these smaller companies. Often, they are a small team with a small budget and are already asked to do a hero’s work. They keep the company network running; they handle the day-to-day support tasks that a help desk would often be asked to remedy. They keep software updated and upgraded. They don’t have the time to handle a complicated task like keeping the network secure on their own, not to the level that it needs to be managed.
The security world changes faster than maybe any other IT concern. New threats emerge everyday. New vulnerabilities are exposed. New methods of infiltration are constantly introduced. It’s hard enough for someone who does nothing but focus on security to keep up. For someone who has a dozen other IT concerns on their plate, it’s impossible.
Visibility into network traffic is too important to be left half done, or worse, undone. Monitoring is too important. Threat management is too. If security is something that you are struggling with, maybe it’s time to consider outsourcing some or all of your security operation. The people who do security all day, every day can get you better results. Studies prove it.