Do Managed Service Providers Provide Adequate Security for LANs/WANs?

Every day the news is filled with stories of yet another network breach. In some cases, the breach amounts to little more than a site defacement. There are times, however, when a worst-case scenario is realized—where customer data has been stolen, corporate secrets revealed or services are interrupted. Sadly, things are only going to get worse before they get better.

Network security problems have become so rampant, the consensus among experts is not if a breach will occur but when. 

That is not an acceptable answer for most IT pros.  Simply put: Do you want to let your job ride on the consensus of others? Or do you want to be an integral part of protecting your company, its customers and intellectual property?

Therein lies the real dilemma. How can you protect your network from breaches without breaking the bank and creating a management nightmare, while still allowing users and customers access  to information, accounts and critical services?

There is an answer, albeit not a simple one.  It takes a cocktail of mixed solutions to protect today’s heterogeneous networks. Those solutions are usually applied in layers. A group of appliances that normally offer firewall, VPN, Intrusion Detection Services (IDS), Intrusion Prevention Services (IPS), web filtering, policy enforcement and malware detection are deployed at the edge of the network to combat any malicious attempt.

Ironically, there are times when all of that effort doesn’t work, and something bad still happens.

You now have situation of not only layering, but also validating security and being ready to perform real-time forensics and anomaly detection to bring a modicum of true security to a connected, customer facing network. That in itself creates major concerns, such as how much will this cost? Who will manage this? Who is responsible when things go wrong? These are questions that the harried IT pro really does not want to hear, especially when the CIO, or worse yet, the CEO walks in and asks are we protected from this? The IT manager had better damn well have the correct answer.

That correct answer depends upon the security technology in place and the ability to manage and monitor it.  Both conditions lead us to an obvious question: What security technologies should I invest in?

Traditionalists tend to like the warm and fuzzy feeling of having racks of security hardware buzzing away just a few feet away from their offices. After all, it is tangible and right over there to monitor, fix and play with. Warm fuzzy feelings do not protect networks, however, technology does.  The real question becomes: Should I turn to the power of the Cloud to protect my network or should I build and manage my own solutions in-house?

Cloud services vendors assert that the Cloud holds all the answers, and that it is where security belongs. While software and hardware vendors think onsite solutions—provided by them, of course—are the only way to go. So which is better? Not surprisingly, the truth lies somewhere in-between.

Those turning to the Cloud for security find that these offerings are robust, affordable and reliable. And that there are many advantages to using the Cloud for security services.