During the downturn, you streamlined operations to make them truly lean. Now, with economic conditions brightening, you don’t want to take your eye off the ball. But, during all this belt-tightening, did you let things go that exposed you to risk?
Network security often lands on the back burner when the going gets tough. We hear about security risks every day and understand what could happen…but dismiss the likelihood it will happen to us.
The truth is, the risk is just too high and now is a good time to evaluate your security strategy. But how do you know what’s right for you?
Let’s break down the options:
Do it yourself: Hire or train staff to secure your business through tools such as firewalls and web filters.
Pros: No worries about handing over the “keys to the castle” or compromising confidentiality. You stay in the driver’s seat.
Cons: Significant capex and opex. Increased complexity from managing multiple tools. Ongoing maintenance can get costly.
Who it works for: Typically larger businesses with a full IT staff and resources (capital and tools) to manage the environment.
Buy the gear, pay someone to manage it: Purchase managed security services from a partner who manages security equipment and services on your network.
Pros: Minimal capex. Reduced complexity. IT staff and budget focused on strategic activities, not day-to-day security management.
Cons: Must trust your partner, who must work within your existing setup. If it’s not optimal, this may affect quality of service or costs. Ongoing licensing fees from previous agreements.
Who it works for: Companies that invested in security, but struggle to keep up with compliance, threats and maintenance issues.
Go to the cloud (almost): While it would be nice to rely solely on the cloud, the reality today includes a premise-based solution. In this case, you outsource all security, but your partner typically deploys and manages hardware at your site.
Pros: No capex or staff needs. Partner can manage other elements like the network for an integrated environment. Incident management and resolution improves.
Cons: Not as fully integrated with other cloud offerings as it could be.
Who it works for:
- Small businesses that lack security staff and expertise.
- Mid-sized businesses, where dealing with security distracts IT from core business functions.
- Large businesses with many locations, looking to outsource day-to-day security.
Have you had successes or failures with any of these approaches? Any lessons learned or best practices?