The explosion of information that has characterized the Age of Technology means far more than having a virtual encyclopedia on every topic imaginable available at a moment's notice 24 hours per day. For SMBs, it has also meant a bewildering multiplicity of software programs that purport to offer IT security. According to recent surveys of this programming realm, there are more than 1,000 different vendors of IT security products, and the products themselves fall into well over a hundred different categories, encompassing such issues as encryption, firewall protection, and anti-virus.
Choice is certainly a good thing, but too much choice can tend to be paralyzing when SMB owners and managers are not themselves experts in the IT arena. John Muir, who runs a business that helps the US federal government find IT security providers that will meet its needs, concurs: "A lot of these products are getting pretty sophisticated and you have to have a pretty thorough understanding of what you're actually seeing to get the utility out of it. I would want to make sure that their strong points align with the risk profile… established for a given, particular company."
Muir sees great merit in a managed security approach for businesses, acknowledging that in many organizations, it is simply not possible to hire an internal expert for each type of IT security. Expertise in all of the major categories, however, is available under one roof if SMBs instead go the route of contracting with an IT company to provide computer security services for them.
Yet Muir cautions such businesses to do their homework and carefully vet any IT services providers under consideration. Nor is it a good practice, he says, for organizations using managed services completely to "abdicate responsibility for what happens on their network." Instead, businesses should take pains to work cooperatively with their managed services provider, staying involved and informed with the security decisions undertaken on their behalf.
Managed security is also an excellent first step for companies that may be considering transitioning some or all of their operations onto the cloud. By starting first with a managed security model, such companies can become used to working with an IT company providing remote services. The arrangement will also provide them with a logical and comfortable point of contact when they are ready to begin exploring the various cloud solutions that such a company can provide.