Security Risk Solutions is one of the established information security services providers in Kenya. The company is making a transition into the provision of managed security services (MSS). Large IT security companies have provided this kind of service to enterprise customers but this has now been restructured to include offerings to small and medium businesses (SMBs). And since SMBs are some of the biggest adopters of cloud services, meeting information security requirements in these environments through MSS provides a significant reduction in capital expenditure. At least 14% of an SMB’s IT budget is spent on the cloud according to a report published by Spiceworks. A further 11% is spent on managed services.
Through a tripartite partnership AccessKenya Group, Security Risks Solution Limited and Internet Solutions Kenya Limited will be offering an MSS solution capable of full deployment within seven days after an audit. The solution helps organizations identify critical IT assets in their environment providing a complete view of the business’s threat landscape.
“We are introducing MSS as a single vendor solution with access to modules such as automated monitoring, Visibility, control and oversight, Cost savings, Reduced risk of obsolescence, flexibility and Security compliance. By deploying MSS, hosted on the AccessKenya and Internet Solution cloud, an organization will be able to free up critical human and financial resources”, says Loren Bosch, the Head of Managed Services at AccessKenya and Internet Solutions.
MSS, he explained addresses one of the major failings affecting highly vulnerable environments and sectors such as banking, insurance and government revenue centers and that is non detection and reporting of incidents before they become crises. The solution is able to capture real-time logs and alerts of manipulation of electronic files and any attempts to circumvent IT controls. Instead of bundling this huge volume of data into dormant silos, SRS channels this into their product which creates workable reports which can help in incidence response and the creation of pre-emptive solutions to imminent attacks.
Manatosh Das, a research analyst at Forrester notes, “Scarce internal security skills and a dearth of deep technical specialists in the labor pool are ongoing challenges for organizations around the world. This not only raises the cost of staffing and severely restricts efficiency, it may also increase the costs of security breaches by giving cybercriminals more time to carry out attacks undetected.”
The scarcity of security personnel is more so felt by SMB’s who are sometimes unaware of the need for IT security structures or if this exist, they are largely limited by constraints on the budget. By offering an SaaS security product, SRS hopes to reduce the business challenges of deploying cybersecurity solutions.
“Contracting with a managed security service provider (MSSP) can help improve your security posture without making large upfront investments in technology and resources,” says Manatosh Das.
The BYOD trend and the movement of more and more business operations to the cloud introduce new threat vectors to organizations’ IT infrastructure. In 2013 over 71 percent of all attacks were directed at end user Devices and Personal Computers and another 51 percent targeted server systems for weaknesses.
“As the bring your own device (BYOD) trend continues at the workplace, we shall continue to see information security risks being exploited both from internal and external vulnerabilities such as poorly deployed business applications and downloads”, said Jason Finlayson, Director Security Risks Solution.
According to Finlayson intrusions are rarely discovered in time by the victim, not until they are locked out through highly evolved theft of authentication credentials or malicious takeover of genuine applications.
“This means that organizations need to treat privacy as both a compliance and business risk issue to reduce regulatory sanctions and high impact security events that may lead to reputational damage and loss of customers due to privacy breaches”, he explained.