-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 23, 2000 7:38 PM
> To: Frank Knobbe; [EMAIL PROTECTED]
> Subject: RE: Online Security Services and Continuous Risk Management
> 
> OK, let's then put into your thinking then.
> Manufacturers: vendors who make firewalls, IDS, virus protection, etc
> Installers - high end to low end consulting services that install
> and configure them (rack and stack)
> Consulting - verify that everything looks and smells ok, the alarm
> trips when the door is locked type of thing. (Don't really do too
> much).
> Monitoring companies - 24 x7 if the alarm trips they call or page
> you.
> 
> OK, so where does online security services come in, mind you the
> category I am talking about is very ill-defined, especially when
> they advertise they are a one-stop security solution but they are
> just going after replacing the Consulting piece stated above.

I would say they fit the Monitoring companies. Back to your question,
though: Are they worth it?

I think that can be answered by comparing them to traditional
security monitoring companies (A*T etc). Are they worth it? Shouldn't
alarm bells and whistles be enough? Hardly, because by the time you
return from vacation your stuff is gone. Does a monitoring company
help? My personal opinion is no because when they show up, my stuff
is gone already. 

Now reflect that to IT security monitoring. If they monitor and send
me an email saying that around 2am on Sunday something strange
happened that appears to be a break-in, then they're worthless
because I'll find that out on Monday when I review my logs (or check
my email etc).
If they show up Monday, it's too late.

If a security monitoring company could be on site immediately to
catch the intruder and prevent damage, start forensics and have a) my
data saved from the evil hackers, and b) evidence or at least a
report for me on Monday, then I think they would be worth an
appropriate amount of money. 

Are they worth it? Only if they can prevent damage or minimize it. I
don't think they are worth it if they just let me know I have been
hacked.

So the question becomes: What service can they offer that really helps
my company and its data? Just being a watchdog and barking is not
enough. They oughta be able to bite the intruder.

If they are so cheap that I don't need a network admin capable of
reading log files, then this might be another reason to contract them
(Saves me from setting up/getting a log analyzer/IDS system). Money
is the deciding factor in that case and I doubt that the security
consulting companies are as cheap as A*T.

Another question is: Does my company want to take the risk and
responsibility of trusting such a contractor? How do I explain to my
shareholders that my alarm system failed because the contractor
failed?

> >The problem I see is that pretty much everyone wants to do it all,
> >trying to present themselves as a one-stop security shop.
> 
> The one stop solution model stopped working a while back, it is
> more of a partnering type of ASP, MSP type architecture these days.
> Not one company can do it all, and what it ends up doing is
> confusing CIOs, CEOs on who to go with.  The biggest result for
> each security dollar spent.

Yet we still find companies that acquire instead of
partnering/outsourcing. I know of a press announcement due next week
that fits this shoe perfectly. And I think everyone has seen
company A's stock dip when they acquired company B to add to their
portfolio of service offerings because the market does not believe
that company B's line of business fits in company A's realm of
expertise.

Sorry for drifting off topic there for a minute...

Regards,
Frank


-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.

iQA/AwUBOaR2e0RKym0LjhFcEQIjcwCg/g/eH1ieb5ooJE4p9XcS8FksHcIAnRfB
oJHuK1E6cAdyqRP91DwfBD3a
=1/On
-----END PGP SIGNATURE-----