Managed IT security is now a huge industry, which means that there is a very diverse range of companies operating in it. One of them should be the perfect fit for your needs and wants, you just need to find them. With that in mind, here’s what you need to know to choose a service provider for your IT security.
1. First of all, you need to define what you need and want
Managed IT security services basically fall under three broad categories. The main service is usually what it sounds like, it’s handling some or all of a company’s day-to-day IT security issues. These would usually revolve around access and identity management and general security monitoring. Many service providers will also offer consultancy services, basically advice on improving your IT security and/or remediation services, basically helping to resolve any security issues identified through monitoring.
Please note that many managed IT security service providers treat managed security and security remediation as two different services with different charges. This means that either you need to keep an in-house IT team with the expertise to deal with any vulnerabilities you managed IT security partner identifies or you need to have a plan in place for finding and paying someone who does.
Finding the necessary help can be easy enough, your managed IT security service provider will probably have the relevant expertise, or if not they’ll be able to refer you to someone who does. Paying for help, by contrast, could be more of a challenge for the average SMB. This is why it’s strongly advisable to have some form of sinking funds for this purpose and/or insurance (preferably “and”).
For the sake of completeness, effective IT security management can go a long way toward minimizing security issues, but you can never guarantee that they will be completely eliminated so it makes sense to be as prepared as you can.
2. Check if you can buy managed IT security services as standalone services
If you’re planning on going down the 100% managed IT route (which is a very feasible option) then you may be quite happy just to have managed IT security bundled in with the rest of your services. If, however, you’re looking specifically for managed IT security (i.e. and no other managed IT services), then you’ll need to check that a company does offer these on their own.
On a similar note, you’ll also need to check if the company mandates that you purchase its designated security tools or other products. If it does, then see what sort of value for money they offer as compared to what you could buy elsewhere. The IT security service provider may actually be offering a perfectly good deal and making its life simpler at the same time, but it may also be using this as a means of pushing up its profits at your expense.
3. Check how easy it is to get access to your IT security service provider
Assuming you are mainly interested in everyday services such as administration and monitoring, plus some basic housekeeping such as patching and upgrading, your main contact with your IT security service provider is probably going to be through a web interface. You need this interface to be intuitive and user-friendly because if it’s not at best you’ll be spending more of your valuable time on it than you need to and at worst you won’t understand it or just won’t use it.
If you have a staff of differing levels of IT competence, then it’s best if you can get different forms of access that allow everything from an “at a glance” overview of your current status and trends over time, to the ability to pull detailed logs for analysis and investigation.
When you do need access to a human, which is going to happen from time to time, how are you going to get hold of them? Will you have a dedicated account manager you can contact at any time to discuss your service? Will the onus be on you to contact them or will they aim to schedule periodic appointments with you? If the former, how quickly should you expect them to be able to make time for you, and if the latter how often should you expect to hear from them?
Is there are helpdesk for non-account-related issues? If so, what hours does it run, and is the full service provided for that entire period or only for a part of that time, and if so what part? If necessary, can you be connected directly to security analysts or are they only available during certain hours, at least as part of your standard agreement?
If you’d like to speak to a reputable IT security service provider, please click here now to contact Aperio.IT.
Sign up today for free & stay current with local IT news.
X