Dec 20, 2012
Strategy: How to Get Your MSSP In Line With Expectations
MSSPs can be an effective addition to your security portfolio, or they can be a real drag on your operations. For most companies, the reality of working with a managed security service provider is somewhere in the middle.
Any managed service provider should lift at least some cost and effort burden from IT professionals’ shoulders. In a perfect world, an MSP meets all service-level requirements, follows escalation procedures to the letter and provides five nines (at least) of uptime. Of course, some of your providers will be better than others at meeting these goals. Should you cut all ties with providers that aren’t even close? Perhaps, but sometimes it’s hard to tell where they — and your organization as a result — stand.
Some security service providers promise the moon to get your business, then disappear after you’ve signed the contract. Others almost — but don’t quite — meet service-level agreements. Some providers will be up front when they have dropped the ball, while others hope you don’t find out, setting the IT department up for a doozy of a blindside.
There’s an art to managing security service providers after the deal is done. In this report, we offer some methods for assessing your MSSP’s performance in a variety of areas and provide recommendations for what to do if it’s not meeting expectations — especially contractual expectations. (S6311212)