decrypting myths
restrictions on
where data can
be stored
and accessed.
Lastly, here are a few tips
to ensure that you achieve the
benefits and value that you are
looking for from your MSSP:
1. Be realistic
Your MSSP doesn’t provide a
magic veil that will negate all your
security risks. In large part, your
MSSP’s ability to be effective will
be dependent on the technologies
and tuning thereof that your
company has invested in within
the managed service.
2. MSSP partnership success
is a two-way street
Effective and clear communication
is critical for success. You or
your team will have to work with
the MSSP on a regular basis.
It is important that your team is
prepared to make access available,
answer questions, participate in
changes, etc.
for a third-party audit from an industry
body such as ISO. This validates that
appropriate controls are in place and
that the company pursues industry
best practices to evaluate their own
business processes.
5. Where is the service
delivered from?
Marc Brungardt, President and
co-founder, Foresite
accordingly. Understanding what
compliance frameworks your MSSP
has and is attested for will say a lot
about their readiness to have access
to your network. At a minimum look
www.intelligentciso.com
|
Issue 12
Many service providers look for the
cheapest places in the world to locate
operations centres where English
may or may not be the first language.
Be sure you are comfortable with the
regions that you will be interacting with
daily. More importantly, understand
where your data resides. Many business
and government entities have regional
3. You still own the
responsibility of your
company’s security
Unfortunately, partnering with an MSSP
doesn’t negate your responsibility to
own the security outcome for your
business. Your MSSP is your partner to
help you achieve the best outcome for
this goal. u
Your MSSP doesn’t
provide a magic veil
that will negate all
your security risks.
69