That’s why we asked Ivan Paynter, a security expert from our esteemed vendor Masergy Security, for a list of the most critical questions you should ask when choosing a sound security-as-a-service solution for your customers. Knowing the right questions to ask your potential vendors could be the difference between finding the perfect fit for a customer and losing a customer.
As such, be sure to ask the following six questions:
Can you provide a solution tailored to my customers’ unique network architecture? To protect an organization’s data thoroughly, the MSSP must tailor the security solution to the unique network’s architecture. For instance, Masergy only loads signatures or anomalies based on what is in a customer’s network, and scans the network on a regular basis to make sure that both its machine intelligence and human intelligence are familiar with the unique environment. In this way, customers can rest assured that their network is managed individually.
Where do you store my customers’ data and how do you protect it? Not every vendor stores client data in a way that leaves the customer feeling in control. To support your customers who want to be in command of their own data, choose a vendor that keeps client data on-premises. For example, some vendors provide a behavioral-based analysis of historical, anomaly and raw data that can be executed on the client’s network on their premises to preserve data integrity and compliance. This enables the MSSP to compare data sets in order to discover variances, all without moving data off-premises, which can potentially comprise data integrity. This will also keep many customers in compliance with applicable regulations.
How do you perform analysis? Some MSSPs, such as Masergy, perform analysis on-premises, as explained above, which reinforces data security. From there, the analysis process involves watching the customer’s data over a period of time so that both machine and human intelligence can learn how it flows and the types of protocols that are used. This data then becomes normalized data, which the MSSP uses to discover correlations and traffic patterns. Then, by comparing raw data and normalized data, the service provider can detect potential vulnerabilities and anomalies.
How can you protect my customers’ organizations from a zero day attack? A best-in-class security-as-a-solution vendor identifies deviant behavior in a customer’s network by possessing an inherent understanding of the traffic patterns within the normalized data, as described above. By maintaining a deep knowledge of the unique network infrastructure, the solution provider can detect holes and patch them before a hacker has time to attack and, subsequently, alert the customer in rapid time.
How do you minimize false positive results while ensuring you provide legitimately actionable events? The service provider gains a deep understanding of a customer’s data by watching the network for period of time and analyzing the historical, raw and normalized data, as previously mentioned. As such, to avoid false positives, the vendor must ensure that it does not rely solely upon machine intelligence to analyze data. That is, human intelligence is required to teach the machine how to detect false positives and, thereby, avoid diagnosing them as security events.
How do you resolve and mitigate identified issues? There is much to be said about a vendor that steps in and becomes a part of the customer’s team. Especially when it comes to security, choosing a vendor that is dedicated to becoming your customer’s resource is of the utmost importance. With that said, a vendor like Masergy makes sure that when an issue is identified, staff is available to jump in immediately and walk the customer through the solution process step by step. This way, customers are never left in the dark; they have a provider with a reliable game plan in place.
Take the time to ask your potential vendors these six critical questions before making a final MSSP selection. Your choice will determine whether you have the power to either satisfy or displease your customers.