Managed Security: Private guards for your networks

In the network security business, the guessing game about the timing and
nature of the attack is always on. Other issues that haunt the network managers
and the CIOs are related to the portion of the network that might get affected
once the attack has taken place, and the speed at which the damage may spread
across the network.

While the enterprises and the security solution vendors are investing
millions to make the network as secure as possible, the undeterred hackers find
themselves at free will to pick and choose the target to strike at. In between
this cat and mouse game, not only are the attacks increasing in number but are
also mutating to adapt better and cause maximum damage.

Though
blended threats are increasing by the day, viruses still remain the most
dangerous of all the threats. As a result of this, across the world, a large
amount of money goes into buying, renewing and maintaining some kind of
anti-virus solution. According to VOICE&DATA estimates, of the Rs 300 crore
security market, anti-virus solution occupies almost 41 percent.

The Anti-Virus Regimen

With the penetration of Internet on the rise and usage of e-mails gaining
importance, virus attacks can lead to a collapse of the whole enterprise
network. While the companies are aware of the dangers of virus attacks, the
nature of attacks is changing so fast that it is getting difficult to monitor
and mitigate these attacks 24x7x365. Today desktops and servers in an enterprise
are equipped with some form of anti-virus solution, however the viruses still
spread and cause havoc.

It is difficult for the in-house team to assess the threats in time and
maintain the requisite expertise of an anti-virus expert. The investment
required in maintaining the pool of talent and expertise to adequately secure
the networks is very high. Security solution vendors like Trend Micro, Symantec,
Network Associates, Check Point, Watch Guard etc have dedicated teams who are
working on the threat perception in a proactive manner to avoid any attacks.
They are also involved in coming out with patches once an attack has happened.
This is not possible if done individually by each company.

Further, IT professionals by their very nature are pretty restless and need
to constantly update their skills. For many organizations, regular training
means lot of money and they are not always very open to it.

Further,
security solutions including anti-virus generate threat logs. Most of these
reports are not relevant or useful and need sorting before the relevant portions
are culled out. With in-house resources being limited, often going through the
reports is not possible, which at times proves to be costly. Also, the
regulatory pressure for compliance to various security certifications and
standards is increasing. This makes the task of the IT managers even more
difficult.

All this has made network security to move towards managed services area.
This managed security services can be delivered on-site or off-site depending on
the requirement. The key here is to free the resources of the company and let a
third party take care of everything. The client signs the service level
agreement and makes sure that he gets what has been promised.

Outsourcing the management of security services is also in line with the
prevailing mindset in boardrooms. Today the focus is on consolidating the core
business of the company while outsourcing non core activities like IT and
communication networks.

Globally outsourcing IT infrastructure and its maintenance has gained
attention. In India, infrastructure maintenance has started but traditionally
security has been kept out of the deal. However, slowly the confidence in
managed security services is increasing. Currently all forms of security
services round up to Rs 60 crore, which is almost 20 percent of the total
security market in India. The services part is expected to double in the next
two-three years and most of this would come from managed services.

Though system and network integrators like Wipro, HCL, GTL, Datacraft and
host of others are offering managed security services as part of the network
deal, managing exclusively anti-virus solutions has been absent. Recently HCL
joined hands with Trend Micro to bring the managed anti-virus service to the
Indian market.

In the mature markets of Europe, US and many Asian countries, managed
security services are broken into various components like managed firewall,
managed intrusion detection, managed anti-virus, managed anti-spam, managed URL
filtering, managed remote access. This gives the customers a choice to pick what
they require. Some argue that each component has to work with another to create
put an effective security in place. This holds true but the breaking up also
means the customer might not take what he already has from other vendors, who
might be experts in that particular field.

The Scoring Points

Any company offering managed security services positions itself as a
pioneer, an expert in security services. Because expertise is the main
differentiator between them and the in-house IT team, they do what is not
possible in the regular day-to-day working of the company like overall security
analysis, periodic health review, outbreak defense training services and
targeted security training and consulting.

They bring to the table professional anti-virus architecture design, solution
deployment and support. As these companies have dedicated teams working round
the clock monitoring any abnormal traffic or behavior, their response to attacks
is more effective with timely pattern release and cleanup tools, virus
descriptions and clean up services.

As no security mechanism can eliminate attacks completely, the reaction time
to bring the network back to normal is the key issue and is also the parameter
to check the efficiency of any security team. The high quality security
deployments are no guarantee that viruses would not enter the network. It is
here that the expertise of the managed security services team comes handy. They
have the experience and knowledge of handling attacks. According to industry
estimates, with the implementation of managed anti-virus services the average
number of outbreaks per year came down from six to one and the number of
computers infected decreased from 20 percent to five percent in an organization.
Similarly, the time taken to recover from the attacks reduced to just
half-an-hour instead of an average six hours. These might be just numbers but
they are also indications of the threats being real.

What is holding back?

One major apprehension in managed security services is the concern relating
to data confidentiality. Organizations are still not open to putting security of
their data into the hands of another company. Though the regulations like HIPPA,
Sarbanes-Oxley, CISSA, and GSRA provide some guarantee against data theft, it is
unlikely anyone can ever say it is completely safe. It is more a matter of
mutual trust and confidence that would drive the market. Lack of awareness of
new rules and technologies being used to secure the networks remotely is also a
reason for managed services not taking off.

Couple of years back in India, connectivity was a pain area. But with
broadband policy in place and lot of fiber having being laid, high speed, good
connectivity is no longer a bottleneck. Though broadband penetration is still
low, it is likely to take off in the next couple of years which would give a
boost to managed services.

Budget allocation for security services has always been very low in companies
and it is seen more as a cost rather than an investment for better business. The
enterprises are waking up to the importance of security services but budgetary
constraints remain.

Another pain point for managed security services is the lack of customized
solutions and offerings for existing networks. It is a fact that in security,
not one size would fit all and each organization would like to have solutions
specific to their requirements within their budget.

Anurag Prasad