Working remotely continues to be the new norm. Companies are adapting to the new changing work dynamics, and need to ensure consistent secure access for their employees working from home.
Similarly, the world of managed security services has shifted to further adapt to the needs of this reality. Last month, guest speaker Jeff Pollard, VP Principal Analyst serving security and risk professionals at Forrester, and Jason Georgi, field CTO at Palo Alto Networks, discussed how cloud delivered managed security can help secure remote workforces at scale.
Jeff Pollard shared his findings and most recent research on the managed security services (MSS) industry. In his view, managed security services have gone through a shift that has been exacerbated by the situation influenced by the pandemic. With cloud becoming an essential part of businesses, managed security service providers (MSSPs) are becoming innovative in many ways to support cloud and work with multi-cloud environments. They have also adapted their security services to support the decentralized and remote workforce that we see today.
When organizations are asked about their most important drivers to outsource security services, Forrester provides a very interesting finding. Looking at 2019 research, the most important drivers were:
- #1 Improve quality of protection
- #2 Gain 24x7 coverage
- #3 Greater competency or specialized skills
"To support a large number of mobile users” was much farther down on the list at #11. Now take the 2020 data:
- #1 Improve quality of protection
- #2 Greater competency or specialized skills
- #3 To support a large number of mobile users
As noted above, supporting a large number of mobile users becomes one of the most compelling reasons, rising up from #11 to #3. According to Jeff - “Looking at this year over year in the past, I have never seen this one that high. It is very clear that the pandemic, work from home circumstances have had a tremendous impact on why companies were looking at managed security services partners.”
Modern, Unified Cloud-based Security Platform Approach
Jason Georgi shared Palo Alto Networks strategy when partnering with MSSPs by utilizing a unified platform based approach that is based on the concept of a secure access security edge (SASE). It doesn’t matter where the user is or where the consumed service resides, it is based on the ability to connect all users, devices and applications in a secured manner. As a cloud-native platform, a SASE solution provides secure access to everything with cloud scale.
In turn, SASE allows MSSPs to build their offerings on a delivery-as-a-service-model, moving from managing infrastructure to security-as-a-service (SaaS) offerings, allowing rapid execution and enabling SLA assurance. Similarly, it helps organizations mitigate unpredictability by better adapting to changing working environments.
The idea of this platform-based approach doesn't just address the driving need to improve remote worker security and scalability. The outcomes of a unified platform are relevant to all secure access use cases: elastic scalability, complete visibility and control, improved user experience and a better ROI, derived from the simplifications of policies, interfaces and tools.
Where a True MSSP Partner Can Help Organizations
For organizations, change and cloud transformation can be a huge challenge. There are risks across many aspects including politics, lack of vision, and reputation. For many organizations the fear of change leads to doing nothing. So, how can organizations overcome this fear and get set up for success?
A viable option is to use professionals that have done this before and help to make the transition easier. In Jeff's view, MSSPs have gained a security pedigree and experience from working with many different customers and technologies. They know what is effective -what works and what does not work- and can potentially guide organizations along their transformation journey. They make prescriptive buying recommendations, ultimately identifying the best technologies and vendors to fit an organizations’ specific needs. MSSPs reduce the complexity by offering organizations a single view - one invoice, and one single interface - and hiding the complexity of vendors and technologies in the underlying service.
MSSPs are experts not just in cybersecurity but also in the operations of cybersecurity technologies. By training an organization’s own IT teams and helping with the initial operations, MSSPs can dramatically reduce the time to value. Additionally, they make sure organizations stay compliant, even in the cloud, where the shared responsibility model often comes full of challenges.
Organizations Are Not Alone And Have the Power to Define Partnerships
Organizations are not alone in their transformation journeys to accommodate to today’s dynamic working environments. Any new service – even a cloud-based one – comes with overhead that many organizations are not equipped to support. A viable option is to use professionals that have done this before and carry the right expertise to set them up for success.
Like any other organizational choice, picking the right MSSP matters. A true partner should be able to demonstrate problem solving and focus on the organization's specific concerns while applying their experience to unique use cases. The partner needs proven expertise, the right platform and tools to help with any strategy.
Organizations have the power to structure the arrangements with the partner, and define the type of service required. It takes discipline and awareness to decide on what you want to attempt with your own resources versus what should be left to a partner to help with. That is the power that enables organizations building services with the right mindset that ultimately generates a positive ROI and long term value.
To learn more about how MSSPs and organizations benefit from a cloud-delivered security solution, access the Securing Remote Workforces At Scale With Cloud-Delivered Managed Security on-demand webinar.
This post is part of a series on MSSP partners.