Cyber security is a hot topic these days. The Colonial Pipeline cyber-attack in May of 2021 and its fallout is a reminder to business leaders that any business can be attacked. This includes small to medium sized businesses (SMB).
Security breach statistics prove it. The distance between the number of large business and small business breaches is closing. If you think you’re not a financial target because you’re an SMB, think again. According to the Verizon 2021 Data Breach Investigations Report, 93% of the time the motive behind SMB breaches was the same as large business breaches: financial.
Cyber criminals see your business as fair game and a viable target for their attacks. Do you have a plan in place to protect your business? A recent 2020 study conducted by Bullgard reports that 43% of small to medium sized business owners don’t have any type of cyber security defense plan in place, much less a comprehensive plan like managed IT security.
You may be asking why you need a managed security plan if you already partner with an IT company for services that include security measures. That’s a great question. This article addresses the difference between managed IT services and managed security and answers the following questions:
- What’s the purpose of managed IT vs. the purpose of managed security?
- What are the technical differences between security services in an IT services plan vs. those offered in a managed security plan?
- If I have an IT service plan, why do I need a managed IT security service plan?
- What kinds of organizations need managed IT security services?
- How do I find a managed security company or an IT service company that offers managed security?
What’s the difference between managed IT and managed security?
Traditionally, an IT company or internal IT department focuses on keeping your IT systems operating. This includes, but isn’t limited to, these broad categories of service:
- Remote management and monitoring of your network to keep it up and running and troubleshooting problems
- On-site assistance and support offered by technicians and engineers
- Help desk support to deal with technical issues and answer related questions
- Procuring and installing hardware (i.e. workstations, laptops, servers)
- Access Management (administration of user accounts, passwords)
- IT security (firewalls, anti-malware software, automated patching of issues)
As you can see from this list, an IT service plan has a certain amount security incorporated. However, it’s main focus is keeping your IT up and running. The depth and breadth of the security measures will depend on the type of plan you have.
Managed security is solely focused on preventing, identifying, and resolving external threats to your systems.
Managed security services are usually offered by a managed security services provider (MSSP). However, some IT companies with strong security divisions offer them as well. Here’s a technical comparison of the security measures included in an IT service plan and a managed security plan.
Typical IT services plan security measures:
Endpoint protection and anti-malware software: Protecting a network by focusing on network devices/endpoints (computer stations, laptops, mobile devices). Monitoring their status, authorizations, authentications, and software.
Server monitoring: Identify and troubleshoot performance and security issues.
Secure remote control capability application: Allows remote access and management of your network in a secure environment.
Monitor /manage backup systems.
Manage firewall: Monitors network traffic coming in and going out.
Network password manager: Manages software that allows you to store and manage password safely.
Patching and application updating: Fixing and improving computer software, operating systems, applications when a vulnerability is discovered.
Managed security services often include:
Vulnerability Scanning: Advanced security tools and solutions for scanning and monitoring are used to scan the IT system. Detecting vulnerabilities and compromise in real time.
Alerts, reviews, and recommendations for action steps are provided when new or greater threats are found.
Incident response management and investigation: A coordinated defense strategy for addressing and managing a cyber-attack and breach. Followed by forensic analysis and investigation.
Security Consulting: Some managed security providers will offer executive level security consulting and access to a Chief Information Security Officer.
Compliance support: IT compliance experts guide, monitor, and advise on regulatory issues.
Security Information and Event Management (SIEM) tracking security: Real time analysis and management of security alerts and events. (Often optional for added fee).
If I have an IT service plan, why do I need a managed IT security service plan?
Over the last two decades, cyber security threats have increased and grown in their complexity and persistence. Cyber criminals are creative and tireless because when they’re successful, the payoff is substantial. IBM and Ponemon Institute report that in 2020, the average cost of a data breach was $3.86 million. Even a fraction of that cost would put an SMB under or likely close their doors. Consequently, it takes constant vigilance and expertise to offer persistent cyber threat protection. Your IT service plan is the beginning of that defense. Managed security takes it to the next level.
Think of your IT security like the defense of a football team.
In football, your linemen are the first line of defense. You can’t begin to play defense without them. This is like the security services you receive in a basic IT service plan. Your network protection starts with these security services. But, your defense can’t end there. If you want to do more than play a quick pick up game, your defense needs skill and depth. Add a few linebackers and you’re looking at the security measures in your mid-range IT service plan.
A full defensive team isn’t complete without a secondary team with cornerbacks and safeties. Depending on the quality of the team and coaching staff, you can find this kind of security defense in a premium IT service plan that offers advanced security measures. All of these are necessary for a strong defense. However, if you’re serious about your football, you want to keep the offense from scoring. What you really need is a defensive coordinating coach in the skybox to help call the plays. This is managed security.
The coach in the skybox sees the big picture and can switch up the defensive game based on what plays the offense is calling. Likewise, a strong managed security plan has trained security analysts. These security engineers actively search for and identify new threats. As a result, they can provide alerts to the coaches on the sidelines (you and your leadership team) and review the threats and make recommendations. They can also provide real-time monitoring for vulnerabilities. They’ll adjust the security “game plan” and reprioritize issues based on new or greater threats or risks that arise. This affords your business the protection it needs when faced with persistent security threats.
Who needs managed IT security services?
Managed IT and managed security aren’t an either/or proposition. They’re a both/and option. You need a defensive team and coach to play your best game. Still, there are some issues that make it obvious you should invest in managed security.
Does your organization have:
- Compliance and regulatory standards that require you to protect client and patient data and information
- An internal IT team that can’t keep up with security issues and training
- A complex network
- Multiple offices
- Remote and onsite employees
- Experience with a security incident or breach in the past and the need for security experts you can call if you have a security crisis
- A high degree of trust with clients and customers which must be protected
- Plans to grow and expand your services
- The need to outsource IT to minimize your costs and maximize efficiency
Any business that needs to protect their data, clients, reputation, and bottom-line benefits from managed security services. The strength of your IT security is proportional to your investment in the team you employ and the tools they use to protect your network and business.
How do I choose a managed security company or an IT service company that offers managed security?
Firstly, if you’re already partnering with an IT company, it’s important that you know what services you’re paying for and actually receiving. This includes the security measures. Once you know what you’re receiving, you need to assess the services you’re receiving. Consider using these resources to help you in that process:
Secondly, determine if your current IT company can handle your security needs or if you need to look for a company that offers managed security services. In addition to the issues mentioned in this article, look for the following:
- A team of professional security engineers with significant experience managing incident responses and conducting forensic analysis. How much incident response work have they done? How experienced is their team? What would they do if your network was breached?
- A company that offers senior level security and IT consulting with their Chief Information Security Officer, Chief Information Officer, and Chief Technology Officer. Security experts and engineers are a must have, but you also need a managed security team that can advise your executive team when it comes to future IT security needs and during a security crisis.
- A company you can trust. Do your research. Are they transparent about their pricing and the services they offer? Do they offer reports that prove they’re doing the job you’ve paid them to do? Do they offer exceptional customer service? Will they work well with your employees and in-house IT team if you have one?