May 31, 2012
Strategy: Finding the Right Security Outsourcing Balance
Enterprise networks have become so complex that few IT departments truly have the resources and expertise to manage them entirely on their own, particularly when it comes to keeping them secure. Outsourcing certain aspects of physical security—such as lobby guards, night watchpeople and transportation services—is commonplace, but enterprises have only relatively recently begun turning to third-party managed security services (MSS) to block spam and filter Web and email content. Now, though, there is a trend toward outsourcing a growing number and variety of security services, including log management and patch and configuration management.
Indeed, as enterprise security professionals are tasked with keeping an ever-increasing amount of data secure on a growing number and variety of devices—often used outside the safety of the internal network—more and more businesses are deciding to outsource security functions and processes to third parties. According to Gartner, growth in the European MSS market reached $2.1 billion in sales in 2010, with a predicted compound annual growth rate of 14% from 2010 to 2014. But what functions should you outsource, and which ones should you keep in-house? In this report, we offer some advice on how to decide what services to use, and what the advantages and disadvantages of using a third party might be. (S4970512)