Outsourcing model for IT security

The economic crisis, where is it, according to the USA Federal statistical worst recession since the Second World War, seems to have bottomed out in Germany passed through.

Still, however, many companies are reluctant new investments, especially in the IT sector. And while outsourcing is a classic element of the IT cost reduction, exercise, according to the analysts at IDC, many companies still in care as they just want to bind in tight economic times, medium and long term, not fixed.

The global crisis and the resulting economic uncertainty resulted in many companies, especially in recent years to ensure that planned IT expenditure has been re-checked or postponed and reduced budgets frozen or cut altogether.

IDC’s experts now expect the second half of 2010, a sustainable recovery of the economy and therefore a significant recovery in the IT service market. But only if the confidence is strengthening in the upswing, according to IDC, the company again increased in IT services, especially in outsourcing will continue to invest.

Especially in the field of information technology companies are already spoiled for choice, “Make or Buy” outsourcing, outsource or not? Investment decision is made to outsource only once, this raises the next question: What outsourcing model is most appropriate?

The main goals of most IT decision-makers will not change it even with a recovery: Consistently good quality with the least possible cost and time. The solution to this sometimes difficult task in practice can look very different.

For just as the demands on IT security can vary depending on the company, are different and the various models offered. No matter what parameters a company is important, whether control, infrastructure or service, can in the light of reduced budgets, there are rarely an all-inclusive package. The various alternatives should be carefully considered, is therefore imperative for companies.

Hosted Security Services

The model of “Hosted Security” allows companies to save the larger issues. Outsourcing providers make the customers for certain areas of IT security resources of their data centers are available. Just server security solutions can be realized as simple as incurred for the software and data storage media-no huge investment into their own IT infrastructure.

It must only client for the respective access can be implemented. Hosted Security Services worthwhile, however, especially for smaller companies.

Access to the hosted services and data is generally independent of the location of access, so the model also provides for branched establishment or branch networks. The disadvantage is that any adjustment to new security regulations and corporate standards is often limited and time delay are possible.

Managed Security Services

If already own IT security infrastructure in place and available – whether from historical structures or because they are run locally by compliance and must be – rather, the model provides the managed security services.

A company may adopt much of the responsibility for maintenance, legal requirements, remote access management, updates and management of the implemented solution to a service provider.

The advantage of this solution is obvious: the specialized outsourcing services in the past has often been done with thousands of security incidents had and can bring this experience and the services for other companies.

The experience of most managed security service provider is also reflected in the knowledge of compliance with current and future legal requirements and rules.

The model does have its drawbacks, as a close collaboration between client and provider is essential. Because only by continuous close consultation may take into account the outsourcing provider’s individual needs and requirements of the client in the IT security. The model is therefore primarily for small and medium enterprises (SMEs) are suitable.

After all, SMEs are often deprived of necessary expertise regarding compliance and security requirements and to observe sufficient human resources to the networks and IT architectures around the Clock.

The cloud

This is still much discussed cloud computing is another outsourcing option for the area of IT security dar. called it primarily the approach of abstract IT infrastructure such as computing power or data storage, finished packages and programming environments dynamically to the needs to survive the network available to . make Data and security applications are not here locally, but stored in a cloud of many, over the Internet is connected to the data center.

Services are provided by data centers worldwide and are virtually permanent and available everywhere. It also allows Cloud services easily adapt to changing needs.

One of the main advantages of the model is its high scalability, that is tailored for the respective actual needs without any delay. Companies can use the cloud to reduce their capital expenditure, without running the risk of overloading their systems in peak hours.

Disadvantages of the model: As with hosted services make the user dependent on a strictly and smoothly-functioning Internet connection. Falls from this, the effect stored in the cloud security measures.

Another challenge in the cloud is the function of each cloud provider since the provided interfaces are usually manufacturer specific.

Alternative to outsourcing: Consolidation

Despite the large range of outsourcing alternatives, experience shows that outsourcing of IT security functions is not the ideal way for all companies. Especially large companies prefer to save critical data on its own servers and the management of IT security due to your own IT department.

Often, the outsourcing of IT security fails even to legal, unternehmenbezogenen kundenvertraglichen or regulations that a company must take into account regarding the IT security.

To be cost effective yet to mobilize against the growing variety of everyday security threats, the consolidation offers several features and services in one system. Ideally can bundle network, Web and Mail Security on a single platform. All security installations can then be centrally managed and configured.

Consolidation can be achieved by an integrated solution or via virtualization and automation to achieve. Companies benefit from the minimization of the field is clear even kept available IT infrastructure, lower system complexity and low cost.

However, can not be as many services together in one platform, and also for the centralized system and its integrated services is a certain cost for installation and maintenance to be included.

Conclusion

Whether and how outsourcing is eligible, must ultimately decide each company based on customer desires and needs of your own. Whether it is hosted or managed services, computing Could or would you prefer to consolidate their IT security, find the right model is certainly not child’s play. It will be for most companies, however, always more expensive to operate the IT-security, even as they admit in the hands of a specialist.

This is particularly true in terms of complexity, cost and regulations. So, to make the right decision, especially the time factor plays a role – time for a comprehensive requirements analysis and risk evaluation.

Also the confidence factor to the outsourcing partner plays an important role, as companies enter their most important data in his hands.

Source: http://www.saasmagazin.de/fachbeitraege/grundlagen/astaro020910.html

This entry was posted in blog. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *