“Never” is how most people answer when asked, “has your network ever been hacked.”
It is the next question that is far more important: “How do you know?”
If you think the fact that your data is undamaged means you’ve never been hacked, the fact is that most network breaches are meant to copy your data, not to hurt i.
If you think the fact that your company is small and uncontroversial means you’re not a target, the statistics show that more than three-quarters of attacks look for any vulnerable network they can find and are not targeted at anybody in particular.
If you think that having a firewall in place means you’re protected, remember that new attacks are emerging every day, so no security strategy can ever be “set-it-and-forget-it.”
If you think you’re just too busy and don’t have the resources to address all this, think again.
Let the Right Someone Else Take Care of It
There are many different types of companies offering to handle information and network security for you. Some are very large, like your telephone and network carrier. Others are very small. While they may present themselves as “boutique” resources, it’s important to remember… they’re still very small! They’ll all tell you that they are “managed security service providers” (MSSP) but there are significant differences you need to be aware of when selecting the one that’s best for your specific requirements.
The right MSSP will always keep you aware of who has been connecting to and accessing your network, especially those who don’t usually connect to you. Not only will you receive reports about this, you’ll also enjoy useful interpretation of the reports with recommendations for preventative action.
The right MSSP will detect unusual entities “lurking” on your network long before they attack. Many hackers may spend as long as 200-400 days on your network before finding a way in. Identifying and blocking them early prevents them from ever doing so.
The right MSSP will never offer you a “one-size-fits-all” program. Instead, they will tailor an offering to your specific network with your specific data assets and concerns.
The right MSSP will prepare you to work with them on executing the most effective response in the event they ever detect an active threat. How you respond can make millions of dollars’ worth of difference to you.
What You Should Look for When Selecting Your MSSP
As with any service you seek to have performed externally, look for years of experience, excellent track record, impeccable references, and financial stability.
Beyond those basics, remember that effective data and network security depends as much upon expert personnel and comprehensive information as it does upon sophisticated technology.
People – You want to know that the people running your MSSP’s Security Operations Center (SOC) have years of experience and extensive training. Security is a multi-disciplinary team effort. You need people who are fluent with networking protocols, people who have deep understanding of how application code operates, people who are expert with the routers, switches, and other equipment required for effective network communication. You also need people experienced in spotting unusual patterns of activity in volumes of network data logging. Very few individual companies can afford to keep all these highly expert resources on staff, but MSSPs distribute their cost among their community of customers. This is a driving reason that so many companies prefer to use an MSSP rather than try to keep security in-house.
Threat Intelligence – Enormous volumes of logging and other data are generated each day and the best MSSPs avail themselves of all information coming from these data. This allows them to compare your traffic to a wide variety of others that are currently under attack, or in the process of being invaded and scoped for future attack, and much more. An informed MSSP knows when brand new “zero day” exploits have been released, dramatically increasing their ability to protect you.
Self-Protection – If an MSSPs network is protecting your network, anything that attacks them attacks you. Ask your candidates about how they are protected themselves. If their primary SOC is brought down, do they have a redundant data center or centers that immediately fail-over? What measures have they taken to assure that you are not rendered vulnerable by an attack on them?
Information Access – The best MSSPs know the thing their customers want most is assurance. As part of that, they’ll provide a user access portal that you can consult anytime just to see how everything is going. While you may not be equipped to effectively respond to some threats, there is often comfort in seeing that everything is “green-lit” and that any anomalies are being aggressively addressed.
A Clearly Understandable Service Level Agreement – Underlying your entire relationship with the best MSSP will be the Service Level Agreement (SLA) you enter into with them, because it specifies exactly what you can expect to happen, how quickly, and with what results. If you have any questions about the SLA, get them answered before you go any further.
For most of us, the company data network is at the core of the company. Give that core the protection it deserves by actively seeking and selecting the best possible MSSP to protect it for you. This is not something most companies are equipped to do for themselves. Find the right resource and grill them mercilessly like your business life depends upon it. Because it does!