A managed security service provider explains how it can offer enterprise-grade protection to small businesses.
“Everybody is a target of cyberattacks,” warns Hayden Johnston, operations director at Wyscom, an Australian managed security service provider (MSSP). This is one reason why it makes sense for small and mid-sized businesses to outsource their IT security to a specialist, Johnston says.
And by serving lots of smaller businesses, an MSSP can apply technologies that are generally only the domain of big business and government, such as managed highly-available enterprise-grade firewalls, according to Johnston.
MSSPs can also offer a team of engineers with a range of backgrounds such as applications, backup, networking and so on, and certified in the use of various products. And MSSPs work 24 hours a day, seven days a week, 52 weeks a year.
So using an MSSP can be better, more efficient and cheaper than relying on an employee or a lone consultant who are unlikely to have the full range of skills required, according to Johnston.
Wyscom technical manager Damian Petkovic says that using an MSSP to take care of security frees up a business's own IT staff to concentrate on more productive tasks. We suspect that also applies to technically-oriented people in other positions that have become de facto IT staff.
Most often, small businesses approach Wyscom after realising their systems have a vulnerability, or – more worryingly – after being attacked. For example, the owner or manager might suddenly twig that the firewall installed two or three years ago has never received firmware updates and has never been reconfigured to account for the changing environment. A business might have spent a significant amount of money on security measures two or three years ago, but that doesn't guarantee it's still doing its job properly, Petkovic warned.
Another example of a trigger for contacting Wyscom is that ransomware or other malware has found its way through the business's defences.
Petkovic suggests that if you're not sure whether your security measures are working properly, you ought to have them independently reviewed by an MSSP.
Uncovering attacks that use encryption
In addition to security housekeeping, MSSPs deliver additional value to businesses by staying abreast of the security scene and the associated marketplace. For example, deep packet inspection of encrypted network traffic is becoming important as cybercriminals increasingly use encryption to mask their activities from conventional inspections.
Note that inspecting SSL traffic is tantamount to a man-in-the-middle attack – the unified threat management (UTM) firewall decrypts the incoming traffic, inspects it and then re-encrypts the traffic that passes inspection. But that re-encryption has to be done using a different certificate, so you have to make sure that all your computers and other devices recognise that certificate. That’s another reason for getting specialist help.
“We're constantly seeking out the best products to incorporate into our customers' networks,” says Petkovic. The wide range of security products overwhelms many businesses’ ability to make a rational choice, but an MSSP does this on a continuing basis.
Currently, Wyscom suggests small businesses combine cloud-based services such as Office 365 (for email) and Webroot (endpoint security and web gateway protection) with a Watch Guard UTM firewall (which can cost less than $500 including a three-year management subscription).
Johnston says very small businesses could assemble their own collection of such products and services, but using an MSSP is simpler.
When you should consider an MSSP
According to Petkovic, small businesses tend to become interested in MSSPs once they have at least five people. Before that, they usually get by on their own, providing they have at least some technical expertise. But with five or more people the idea of paying a monthly fee becomes less daunting, and they can see that a more formalised approach to IT security is appropriate.
And “it depends how much their staff are screaming” about IT issues, says Johnston. Ongoing problems are a sign that expert outside help is needed.
“A lot of our business comes from word of mouth,” he says.
That makes sense: how many small and mid-sized businesses know enough to be able to choose the right MSSP? So a recommendation from a peer probably carries even more weight than usual.