What to consider when selecting a Managed Security Service Provider

With GDPR coming in next year, organisations need to become more aware of what service providers are doing to protect themselves and, in turn, to protect you. When selecting a provider, be prepared to grill them until you are confident that they provide the level of protection your stakeholders and clients expect.

A growing trend amongst Irish organisations is outsourcing specific security functions to managed security service providers (MSSPs). Firewalls, data hosting and vulnerability assessment are just some of the areas organisations now outsource.

The first question you need to ask is whether they are certified to recognised standards such as ISO, PCI and Cyber Essentials. It is important to know what standards they are working to and to ensure they are compliant with GDPR. Data hosting, for example, is a service that organisations usually outsource. Hosting companies provide their customers with physically locked servers that can only be accessed by a select few. This gives organisations a lot of control even though the provider does all the work. Do your due diligence: find out how effective their physical security system is and how frequently they test their own systems against possible breaches.

No matter what aspects of your security you outsource, remember that outsourcing relieves the burden of managing security internally, but you are still ultimately liable if there is a breach.

Things to consider when selecting an MSSP

  • Choose an MSSP that you can trust if you have never worked with them.
  • Choose an MSSP that understands your customer needs.
  • Choose an MSSP that is financially stable.
  • Choose an MSSP that is flexible and willing to cater for different business needs.
  • Appoint one person or team as the contact point for the MSSP to ensure smooth communication.
  • Ensure your employees are aware of what you have agreed in the SLA.

Contact us today to learn how you can become compliant with GDPR with ISO 27001 and Cyber Essentials.

CERTIFICATION EUROPE

Block 20A, Beckett Way
Parkwest Business Park
Dublin 12
D12 P8R2

CONTACT

Phone: +353 1 642 9300

email: Info@certificationeurope.com
