MSPs, are you thinking about jumping into managed security services?
A superior MSP technology stack can offer differentiation and the ability to deliver a better service with lean operational costs. However, MSPs have always faced a challenge: choose top solutions in each category or choose solutions that work well together.
Most analysts predict managed cyber-security will grow at a CAGR of over 15% in coming years. This trend is no surprise, considering the global shortage of security talent and the increasing sophistication of attacks on data and business productivity.
Recent attacks on MSPs have confirmed once again that both managed service providers and customers are increasingly targeted by cybercriminals, and the attacks often succeed.
This is a good time to be a managed security services provider—if you believe industry reports about the robust growth of the market. Even if you don’t believe the research, there is plenty of evidence that many organizations are looking for expert help when it comes to strengthening their security posture against a host of potential threats. And service providers can provide that needed assistance.
While rare, every now and then, major cloud providers such as Amazon must ponder interrupting service to reboot parts of their environments. It is a curious thing, and leads to asking, “Why?”
As cloud initiatives shift from cost savings efforts to strategic transformations of IT and the business, CISOs are finding that in many ways they need to completely reimagine their security controls to keep up.
A short while ago, Amazon announced a new offering called Aurora. In a nutshell, Aurora is a MySQL database engine wrapped as a service. It’s relatively cheap, and Amazon handles the nitty-gritty of the thing.
It begs the question, why does it matter? As Amazon declares, it’s the fifth SQL database engine that they have made available. So, why the big deal? It is a big deal because it says quite a bit about how Amazon operates.
First, let’s have a look at the product page:
“Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a commercial database while delivering similar performance and availability.”
In my previous post I raised a flag around the importance of identity and access management (IAM), and how this should be embedded in your overall security planning.
What does identity and access governance stand for?
According to Gartner, it represents "a combination of administration and account provisioning, authentication and authorization, and reporting functions" which is either served from the cloud (IDaaS) as a utility, or implemented internally in a more silo’d approach.
Companies may choose to run a combination of the two in their hybrid environment, where they bring up a secondary IAM system to handle their hosted apps, while continuing to rely on standard IAM for internal applications.
There are many questions about cloud; what is it, where is it, and who’s using it?
The answer to the last one is: “most everyone”. Analysts are a bit short on data because they too are still trying to figure-out this cloud stuff. The straightforward answer is that you are likely already using it.
Does your organization use a service provider for software-as-a-service, platform-as-a-service, or infrastructure-as-a-service? If your first answer is an absolute, “No”, you’re probably wrong.
If you’re a start-up, you’re likely using a Google or Microsoft service, perhaps a hosted customer relationship management system (Salesforce.com, for example), and myriad other cloud-based services.
Distributed Denial of Service (DDoS) attacks have started to grow in intensity and sophistication as more companies rely on web-based applications for their daily business operations. In the past few months, such attacks have become the weapon-of-choice for cyber criminals in every corner of the world because they hardly ever miss their target(s). Taking the analogy further, I would say that these insidious attacks are as precise and merciless as a DSR-50 riffle is for a trained sniper.
What makes DDoS attacks a bad dream for even the most experienced of IT admins is their distributed nature, as the very name suggests. This means that not only one, but a multitude of compromised systems (also known as botnets or bots) seize the target host with simultaneous requests through a breach in the system, which thereby becomes saturated and unavailable to user access.
As an AWS customer, chances are you made a great business decision to move to that model for some or all the following reasons:
Whether you’re a startup or a DevOp in a large enterprise, some of the most compelling reasons to move a business model or develop a business process on AWS is that incredible and versatile infrastructure.
The power and productivity is second to none (well except in the case of the odd outage here and there – but that’s another story). When all is running smoothly, so is your business or your project. The ability to scale and spend according to your delivery model, timelines and needs, while delivering world-class applications and business processes is like no other time in history.
