maybe it is a mute point because most non-Fortune 500 placs I
know of don't want to or don't feel it is warranted to spend the
cash on a local security guy OR a MSP. it depends on the
context. some smaller places may have a security guy of their own
who could rival the service these large MSP's provide. as you
said they look for patterns etc. they can't/aren't motivated to
spend the same time or intensity a local person may be able to
give (IF QUALIFIED). a bad MSP is no better than a bad local
guy. a MSP shouldn't be the sum total of one's security policy.
On Wed, 27 Jun 2001, Bill Royds wrote:
> Which would you rather have watching your network security?
> Your local IT jack of all trades who spends most of her day recovering deleted
>Word files?
> or
> pay a professional IT security guy to watch your network connection (and 100
>others to catch patterns) 24x7.
>
> For anything under a government department or Fortune 500, that is your choice.
>
> A good Managed Security Provider will work with a client to develop a security
>policy, establish the security needs and procedures, and provide the personnel
>support to achieve this. For some companies, it might mean a regular staff person
>during working hours who handles policy and local support, with a MSP providing
>management outside of office hours, installation and hardening and installation of
>patches and monitoring of alerts.
>
> A firm should be able to work out a service contract that fits the firms needs.
>Most firms are not in the IT business, so the security expertise is certainly not
>in-house..
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Zachary Uram
> Sent: Wednesday, June 27, 2001 17:59
> To: [EMAIL PROTECTED]
> Cc: Ron DuFresne; [EMAIL PROTECTED]
> Subject: Re: Managed Service Providers
>
>
> i don't understand what someone would rely on an outsider to
> manage their security structure?
> it seems this is best handled on the inside (with firewalls, IDS,
> etc..). and if you are just one of many customers won't you get
> less intense/frequent scrutiny than if you had your own dedicated
> security staff person whose job is to manage your network
> security?
>
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
