Managed Services companies operate similarly for the most part. Benefits include 24x7, Vendor Certifications, Staff Augmentation, Tuning, Rule Setting, Expert Engineers etc. But what is also important to consider is picking a security services company that offers a co-managed service. More and more companies are offering this now which is good to see. Below are some benefits of co-managed versus traditional managed service.
Login to everything, copied on vendor support issues, view logs anytime or perform support issues and can self-audit all changes. All policies can configurations can be reviewed on a regular basis. No "Black Box" and questions on what is going on. Can login and see anytime.
In traditional managed security services, logs are sent back and forth increasing chances of security risks. Co-managed security service companies DO NOT receive or store any of client's data but instead work from devices that are from the client's location. This includes log files, system configurations, etc. Security staff from client and the co-managed security services company can search and browse original log data and work close in hand (if interested) during investigations. This is not true with conventional managed security services.
With co-managed security services the co-managed security partner leverages the current technology environment and other products and solutions as needed. As customized scrips are made and created based on specific rules or dashboards or whatever is needed, that is YOURS. Your property, you do not need to do it all over again if you at one point you decide to bring the service in house.
The MSS analysts have multiple other environments and have diversified tools and skill sets. Their use cases, attack analysis and reports that are created from the co-managed security services company all stay within your environment and helps for future cases, new rule sets etc.
If you are worried about a Hotel California Model (Check in anytime you like but you can never leave) OR if you have a SIEM and are not using it to its full potential OR if you are worried about sending data offsite OR if you want the option for control and access for your logs then co-managed security services are a good fit for you!
April 20, 2017