Keeping Security Monitoring In-House Becoming Riskier for Some Businesses

Kachina Shaw
Slide Show

Seven Data and Information Security Mistakes Even Smart Companies Make

The task of staying on top of all of the alerts and alarms that security monitoring tools send out constantly is becoming an unsustainable burden to some IT departments. In balancing setting up and manning these alerts – sometimes millions of them -- while at the same time providing other mission-critical services to grow the business, something has to give. The problem has even been blamed in the massive 2014 Target breach, in which relevant alarms were not noticed in a timely manner.

Security monitoring tools are all but useless without human IT resources to follow up on them, and quickly. It’s become a specialized service area for some enterprises, who want to outsource the monitoring to experts who do nothing but, and know the ins and outs of setting thresholds and balancing monitoring of multiple systems.

Managed service provider Logicalis US has compiled five questions for CIOs considering bringing on a monitoring service provider to support IT’s security responsibilities.

It’s about balance and value, says Michael Strysik, services principal, Logicalis US:

"The question CIOs have to answer with regard to IT monitoring is whether or not they are getting the best value out of the tools they are using. When alerts are flooding in, are they able to efficiently filter the 'noise' to be able to focus on the top issues that are the root cause of the problem impacting the environment? A managed service provider experienced in monitoring IT environments for customers will be able to bring a lot of intellectual property to the table. They are accustomed to monitoring and managing a 24x7 environment for thousands of devices across an array of heterogeneous environments. At the end of the day, for many customers, it makes sense to take advantage of a managed services model rather than trying to recreate that expertise in house."


The five questions CIOs can use to weigh keeping monitoring in-house vs. outsourcing to a specialist:

    Is your monitoring tool configured properly? Most organizations have off-the-shelf monitoring tools that gather information from all of the devices on their network. The information coming from these tools can be overwhelming, and while it may be helpful to have access to all of that data, weeding through it in crunch-time can be cumbersome. To limit alerts to those that are most important takes training, knowledge and expertise, which leads many organizations that want to manage IT monitoring in house to employ full-time experts just to configure and manage their monitoring tools.

      Do you update regularly? Since rules are continually being added to monitoring tools, monitoring isn't an "implement and forget it" situation, which means IT departments spend a considerable amount of time making sure the tools they depend on for alerts are as current and up-to-date as possible.

        Can your tool provide event correlation? A single network error can have a ripple effect impacting applications that would otherwise be completely unrelated. As a result, it's critical that an IT monitoring tool provide event correlation to speed diagnosis and remediation in all affected areas.

          Does your monitoring tool offer historical trending data? When managing an enterprise environment, IT pros need to analyze historical trend data to identify recurring issues as well as to do capacity planning which, in many cases, can help prevent issues before they arise. Some of today's popular monitoring tools, however, either operate in real time or store historical data for 30 days or less. Knowing what your tool offers is important information since being able to intelligently analyze and manage an organization's IT environment can depend on having access to this historical data long term.

            Do you have the right expertise in house? In an enterprise IT environment, it's important to consider internal staffing needs and the expertise required to manage the monitoring tools and process in house. Keeping an enterprise environment up and running is no longer IT's value-add; it's an expectation. Today, most organizations want their IT staff delivering business results, which is why it may make sense to consider outsourcing monitoring to a third party skilled in assessing and limiting incident reports to only the handful that a busy internal staff actually needs to address.

              Kachina Shaw is managing editor for IT Business Edge and has been writing and editing about IT and the business for 15 years. She writes about IT careers, management, technology trends and managing risk. Follow Kachina on Twitter @Kachina and on Google+



              Add Comment      Leave a comment on this blog post
              Jun 5, 2015 2:49 PM sean sean  says:
              I like your point about personnel being so critical when it comes to monitoring security alarms from security systems. It is easy to buy a good security system and think that the process is automated and you are secure however. Security monitoring is something that requires personnel. I think another point you make, about companies who specialize in this type of IT being a great option for many companies, is a very valid one. Reply
              Jun 25, 2015 5:40 AM security Alarm System Newcastle security Alarm System Newcastle  says:
              Yes exactly I too agree using security alarm systems, CCTV cameras and other security devices one can easily security surveillance & monitoring. Reply
              Oct 26, 2015 9:55 AM Farah Farah  says:
              Does this security monitoring device needs frequent or regular update? Please send some advice. Thanks Reply

              Post a comment

               

               

               

               


              (Maximum characters: 1200). You have 1200 characters left.

               

               

              Subscribe to our Newsletters

              Sign up now and get the best business technology insights direct to your inbox.