Many enterprises recognise the benefits of outsourcing their complete IT requirements to one of the large systems integrators or managed service providers. It allows them to focus on their core competencies and most likely provides cost benefits. It does, however, come with a degree of risk. You are 100 percent reliant on the outsourcer. If they fail, so does your IT. If they do not perform as required, no SLAs or compensation can remedy the potential damage.
Balance risk, cost of ownership, flexibility and quality of service
Large outsourcers build product portfolios using technologies from their vendor partners. These vendors, in turn, often license technologies from other vendors, especially in the information security world, where it is common practise to use third-party detection engines and security intelligence feeds. This creates a patchwork of complex supply chains and relationships, with the responsibility for support and SLAs getting diluted or passed from contractor to sub-contractor. The resulting service delivery chain often makes it difficult for the large, controlling outsourcer to be adequately flexible and cope with their customers’ needs. In today’s business environment where IT has become a strategic asset, they require their applications and infrastructure to be agile in order to allow them to adapt, move quickly, and remain competitive in their markets.
After years of mixed experience with the single, monolithic outsourced contract model, many companies are considering a new approach. They are mitigating the risk of over-reliance on a single vendor and gaining flexibility by breaking up these contracts, moving to a new model that involves working with multiple vendors and potentially insourcing some IT functions. This does, of course, necessitate expanding the IT function to enable you to manage multiple vendors. The benefit, though, is that the quality of service you receive could improve significantly.
Acquire best-of-breed security
Most enterprises recognise the benefits of best-of-breed information security and most large outsourcers will create a portfolio of products from multiple companies, so it is likely that, if you do outsource your security, you will be taking a best-of-breed approach with respect to technologies. However, security is also about processes and people, and do you really want the company that is managing your infrastructure and applications to also be responsible for securing them.
If you do choose to use multiple providers, you now have the opportunity to acquire your best-of-breed security products and services directly from the original vendors or through their channel partners. Choose carefully though, because, even when acquiring products and services directly, you might be buying into technology that the vendor has licensed from a third-party. As previously discussed, this is a common practice in the information security world. You could find that even sourcing directly from a vendor, you are still reliant on their relationships and support processes with their third-party suppliers.
Choosing the right email security supplier
When it comes to an email security service, most SaaS providers will manage the infrastructure for all their customers, which brings significant total cost of ownership benefits. They do, however, leave the policy configuration and reporting in the hands of their customers, and for good reason – most want to maintain control themselves. For those with a propensity for full outsourcing of IT administration functions, email security providers will typically offer a fully managed service through a partnership with a systems integrator or managed service provider. Few provide a fully managed secure email gateway service. Those that do can control your complete email security, from simple change management to the infrastructure software and all aspects of threat detection. This ensures that when you require any email security task be done, it is 100 percent owned by a single provider.
Find out more about Cyren Managed Secure Email Gateway.