I am working for a MSSP in Italy and I can give you some information about
IT security and why it should be outsourced.
Information security is much more wide than IT security as it is
comprehensive of all information your company has: paper documents, phone
calls, internal policies and procedures, patents, etc...
Here some advantages to have IT security managed by a MSSP.
- The price of the service is generally very low compared to the great
expense you have to go if you decide to manage the IT security internally.
- Personnel and competencies are very hard to find especially if you do not
offer, to an IT security expert, proper career perspective in his field.
This perspective could be very hard to promise if you are, for example, a
textiles company.
- If you decide to manage IT Security internally you have to invest
resources (money, employee, time, etc...) in this activity that could be
better used for core business activities.
- Usually MSSP provided its services 24 hours a day, 365 days a year. Quite
expensive, or even not feasible, activity if IT security is managed
internally.
Have a look at www.cert.org. There is a complete section where is explained
pro and cons of an IT outsourcing choice.
Regards.
--------------------------
Pellistri Massimo
Business Development Manager
LISCOM - www.liscom.it
S.S. 33 del Sempione, 212
21052 Busto Arsizio (VA)
Cel. +39 348 4935818
Office. +39 0331 072292
email: mpellistri@liscom.it
-----Messaggio originale-----
Da: RusCrypto [mailto:ruscrypto@gmail.com]
Inviato: giovedì 30 giugno 2005 17.32
A: security-management@securityfocus.com
Oggetto: Outsourcing information security
Dear list members,
I'm trying to develop some sort of the policy about out
Outsourcing information security to different security providers.
Can anyone give me any ideas, directions or even a sample. Also
research papers on this subject is thankfully welcome.
--
Regards,
Ruslan O. Nesterov
Security Arhitect
http://www.ruscrypto.com
IMPORTANTE: il contenuto di questa e-mail e degli eventuali allegati, e`
strettamente confidenziale e destinato alla/e persona/e a cui e` indirizzato.
Se avete ricevuto per errore questa e-mail, Vi preghiamo di segnalarcelo
immediatamente e di cancellarla dal vostro computer. E`fatto divieto di copiare
e divulgare il contenuto di questa e-mail. Ogni utilizzo abusivo delle
informazioni qui contenute da parte di persone terze o comunque non indicate
nella presente e-mail, potra` essere perseguito ai sensi di legge.
IMPORTANT: The contents of this email, and any attachments, are
CONFIDENTIAL and intended only for the person/s to whom they are addressed. If
you have received the email in error please notify the sender
immediately and delete it from your computer system. Do not copy or distribute
it or disclose its contents to any person. Any improper use of the
contents of this email will be prosecuted by law.
