Friday, February 10, 2012
Google  
Web voicendata.com
  RSS | Archive    
 Home > V&D PLUS > Managed Security: Private guards for your networks
  V&D PLUS
Managed Security: Private guards for your networks
The recent HCL-Trend Micro deal on remote managed anti-virus services is expected to give a new direction to security services
Anurag Prasad
Saturday, August 06, 2005
Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit

In the network security business, the guessing game about the timing and nature of the attack is always on. Other issues that haunt the network managers and the CIOs are related to the portion of the network that might get affected once the attack has taken place, and the speed at which the damage may spread across the network.

While the enterprises and the security solution vendors are investing millions to make the network as secure as possible, the undeterred hackers find themselves at free will to pick and choose the target to strike at. In between this cat and mouse game, not only are the attacks increasing in number but are also mutating to adapt better and cause maximum damage.

Though blended threats are increasing by the day, viruses still remain the most dangerous of all the threats. As a result of this, across the world, a large amount of money goes into buying, renewing and maintaining some kind of anti-virus solution. According to VOICE&DATA estimates, of the Rs 300 crore security market, anti-virus solution occupies almost 41 percent.

The Anti-Virus Regimen
With the penetration of Internet on the rise and usage of e-mails gaining importance, virus attacks can lead to a collapse of the whole enterprise network. While the companies are aware of the dangers of virus attacks, the nature of attacks is changing so fast that it is getting difficult to monitor and mitigate these attacks 24x7x365. Today desktops and servers in an enterprise are equipped with some form of anti-virus solution, however the viruses still spread and cause havoc.

It is difficult for the in-house team to assess the threats in time and maintain the requisite expertise of an anti-virus expert. The investment required in maintaining the pool of talent and expertise to adequately secure the networks is very high. Security solution vendors like Trend Micro, Symantec, Network Associates, Check Point, Watch Guard etc have dedicated teams who are working on the threat perception in a proactive manner to avoid any attacks. They are also involved in coming out with patches once an attack has happened. This is not possible if done individually by each company.

Further, IT professionals by their very nature are pretty restless and need to constantly update their skills. For many organizations, regular training means lot of money and they are not always very open to it.

Further, security solutions including anti-virus generate threat logs. Most of these reports are not relevant or useful and need sorting before the relevant portions are culled out. With in-house resources being limited, often going through the reports is not possible, which at times proves to be costly. Also, the regulatory pressure for compliance to various security certifications and standards is increasing. This makes the task of the IT managers even more difficult.

All this has made network security to move towards managed services area. This managed security services can be delivered on-site or off-site depending on the requirement. The key here is to free the resources of the company and let a third party take care of everything. The client signs the service level agreement and makes sure that he gets what has been promised.

Outsourcing the management of security services is also in line with the prevailing mindset in boardrooms. Today the focus is on consolidating the core business of the company while outsourcing non core activities like IT and communication networks.

Globally outsourcing IT infrastructure and its maintenance has gained attention. In India, infrastructure maintenance has started but traditionally security has been kept out of the deal. However, slowly the confidence in managed security services is increasing. Currently all forms of security services round up to Rs 60 crore, which is almost 20 percent of the total security market in India. The services part is expected to double in the next two-three years and most of this would come from managed services.

Though system and network integrators like Wipro, HCL, GTL, Datacraft and host of others are offering managed security services as part of the network deal, managing exclusively anti-virus solutions has been absent. Recently HCL joined hands with Trend Micro to bring the managed anti-virus service to the Indian market.

In the mature markets of Europe, US and many Asian countries, managed security services are broken into various components like managed firewall, managed intrusion detection, managed anti-virus, managed anti-spam, managed URL filtering, managed remote access. This gives the customers a choice to pick what they require. Some argue that each component has to work with another to create put an effective security in place. This holds true but the breaking up also means the customer might not take what he already has from other vendors, who might be experts in that particular field.

The Scoring Points
Any company offering managed security services positions itself as a pioneer, an expert in security services. Because expertise is the main differentiator between them and the in-house IT team, they do what is not possible in the regular day-to-day working of the company like overall security analysis, periodic health review, outbreak defense training services and targeted security training and consulting.

They bring to the table professional anti-virus architecture design, solution deployment and support. As these companies have dedicated teams working round the clock monitoring any abnormal traffic or behavior, their response to attacks is more effective with timely pattern release and cleanup tools, virus descriptions and clean up services.

As no security mechanism can eliminate attacks completely, the reaction time to bring the network back to normal is the key issue and is also the parameter to check the efficiency of any security team. The high quality security deployments are no guarantee that viruses would not enter the network. It is here that the expertise of the managed security services team comes handy. They have the experience and knowledge of handling attacks. According to industry estimates, with the implementation of managed anti-virus services the average number of outbreaks per year came down from six to one and the number of computers infected decreased from 20 percent to five percent in an organization. Similarly, the time taken to recover from the attacks reduced to just half-an-hour instead of an average six hours. These might be just numbers but they are also indications of the threats being real.

What is holding back?
One major apprehension in managed security services is the concern relating to data confidentiality. Organizations are still not open to putting security of their data into the hands of another company. Though the regulations like HIPPA, Sarbanes-Oxley, CISSA, and GSRA provide some guarantee against data theft, it is unlikely anyone can ever say it is completely safe. It is more a matter of mutual trust and confidence that would drive the market. Lack of awareness of new rules and technologies being used to secure the networks remotely is also a reason for managed services not taking off.

Couple of years back in India, connectivity was a pain area. But with broadband policy in place and lot of fiber having being laid, high speed, good connectivity is no longer a bottleneck. Though broadband penetration is still low, it is likely to take off in the next couple of years which would give a boost to managed services.

Budget allocation for security services has always been very low in companies and it is seen more as a cost rather than an investment for better business. The enterprises are waking up to the importance of security services but budgetary constraints remain.

Another pain point for managed security services is the lack of customized solutions and offerings for existing networks. It is a fact that in security, not one size would fit all and each organization would like to have solutions specific to their requirements within their budget.

Anurag Prasad

Page(s)   1  

Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit
Managed Voice: Reinventing Voice Services
Next Generation Networks: It's all about capex, opex, and IP
TECHNOLOGY TRENDS: A Defence at every step
 

Subscribe to our Newsletter
Name:
Email Address:




 

Current Issue
Click here to book your copy now






Your Opinion Matters

Does cloud computing cast a cloud on the future of IT professionals?

Is your Accounts Payable Solution working for you? Think Again…

   CIOL Services
IT News | IT Jobs | IT Outsourcing | IT Shopping
 



  For Voice&Data Print Subscription
  [ Magazine Subscription ]  [ Contact Info ]  [ Media Kit ]
 
Other CyberMedia web sites
[Dataquest]  [PCQuest]  [CIOL]  [Living Digital]  [CMR India]
[DQ Channels]  [The DQweek]  [CyberMedia Events]
[CyberMedia Digital]  [Cyber Astro]  [CyberMedia India]
[Global Services]  [BioSpectrum]  [BioSpectrum Asia]  [DARE]
[Computer Shopper]   [College Buying Guide]   [Technology Review

CyberMedia India Ltd

 
  Copyright © CMIL. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmaster@ciol.com