Managed IT Services firms come in many shapes and sizes, and provide a wide range of capabilities. Some specialize in particular industry segments, while others might focus on niche IT domains. Most will strive to be full service, providing the hardware / network resources as well as the subject matter expert (SME) resources to enable IT for your business. But a key question that should be addressed is what they do to protect your business from security threats.
Don’t be fooled into thinking nobody wants to hack your business, or that the data you have would not be so bad if leaked. According to the National Cyber Security Alliance, 60 percent of small companies close down within the six months following a cyber attack. Additionally, attacks on SMBs are rapidly increasing since SMBs are often seen as easy targets and “gateways” into larger corporations with which the SMBs interact. Combine these two facts and you begin to see a real need for protection from cyber security threats and attacks.
So in addition to selecting the best and most cost efficient Managed IT Services for your needs, ensure that the overall solution includes robust security and recovery components. Generally, there are two areas of focus – Prevention and Recovery.
Prevention: The old adage “an ounce of prevention is worth a pound of cure” is a real understatement when dealing with Information Security. It is important that your service provider has a holistic view to securing both your data and overall infrastructure. Security Information and Event Management (SIEM), Penetration Testing, Vulnerability Management and Incident Response are key areas that need to be addressed. Your service provider needs to protect the perimeter as a base line, and then your individual resources as second boundary.
Recovery: Even with a robust Information Security plan there is a chance you will be the victim of a breach. Phishing scams continue to flourish because they work occasionally, and those often lead to leaks from the inside which are more difficult to prevent. These generally take advantage of people either not being aware and savvy, or otherwise playing on emotion often resulting in malware being inserted into your systems. So having a documented, tested, and readily available Response and Recovery plan is vital. This is much more than just having a backup available to restore. It involves determining when a breach was first achieved since many attacks remain live in a company’s systems for months before they are detected. Restoring systems from backups that were already infected is not going to help if you cannot isolate good data from bad. It also needs to take into account customer notification requirements. If your business is involved with HIPAA or PCI-DSS for example, there may be regulatory or legal requirements dealing with who, how and when notifications must occur.
On a related note with regard to recovery is the subject of Business Continuity. There are scenarios where a Business Continuity plan may need to be invoked that has nothing to do with a breach so it is an important component of an overall Information Security plan. A Business Continuity plan will deal with restoring business operations in addition to, or in connection with, a cyber attack recovery event. A Managed IT Services firm like Intrinium can not only provide additional Information Security Consulting Services, but they also have the expertise for backup / recovery resources to deal with these subjects.