We have all seen an increase in IT services being outsourced. The exact metric on adoption and market size is hard to come by because the definition of IT Managed Services is not clear. Nonetheless top IT management have become more accustomed to the idea of Managed Service Providers and in some obscure surveys, 90% of individuals were either familiar or somewhat familiar with what Managed Service Providers actually do.
The point I am trying to make here is that outsourcing IT has become very popular and has gained its popularity for many reasons. Before I go into the reasons on why there has been an increase in companies utilizing external IT support, I want to clarify some baggage when using the word “outsourcing.”
Support contracts and renewals can be a nightmare to manage. Think about every hardware, license, subscription that you have in your IT environment. You may have 5,000 plus assets that require support. All of which have different expiration dates. Who is managing all of these support contracts?
Keeping up to date with support contracts and renewals is a very important piece to making sure that downtime in your environment is at a minimum. Support contract renewals for a given product or solution can get lost in the mix especially when IT is tasked with day to day IT needs, projects, and emergency situations. When a contract has expired for some reason or the other and a problem occurs with that given solution, support is unavailable. This could result in serious issues not only for IT but for the business itself. Maybe a server is down and applications used to communicate with customers are inaccessible. Maybe a firewall is down and has left a vulnerability in your environment. If your engineers are not able to break fix and the support has expired, IT now has to pull the fire alarm.
More than ever before, enterprises need better security solutions. Advanced threats have moved into the next generation and most security solutions are a step behind (reactive) whether they are too slow, too complicated, and/or too ignorant to new forms of advanced threats.
The issue here is that cyber criminals continually evolve their techniques in order to bypass endpoint security solutions. These solutions also need constant updates, policy, and signatures in order to prevent threats which can be a nightmare to manage, financially and labor-wise. Due to the reactive nature of most endpoint solutions there must always be a successful attack in order to identify a new threat. In other words, you or your neighbor must be attacked in order to recognize and understand a new threat and then protect against it.
Does this concern you?
There has been a lot of buzz around the end-point these days. There are many reasons why the end-point has come to the forefront in security discussions. First, anti-virus and malware software have basically become obsolete. Zero day threats are too constant and mulitplied for companies to stay up to date on their security patches. Security needs to be in real time or close to real time. Second, we have become extremely mobile. We take our laptops, smart phones, smart pads, and many more devices everywhere we go. Now many people will say “hey, I have a next generation firewall. I don’t need end point security.” That person is exactly right, except for one problem. Your next generation firewall only works when you are connected to your network whether you are at work or you VPN.
Did you know, on average, that IT knows about 10% of the cloud applications running on their network? The other 90% of apps are never approved by IT as enterprise ready or secure. 70% of these apps are being implemented by your business leaders to communicate internally/externally and to make processes more efficient. The final 20% are all the apps that your users access on work machines including BYOD such as unsanctioned storage and email apps.