Try the new FT.com

June 15, 2005 8:38 am

Make it someone else’s problem

  • Share
  • Print
  • Clip
  • Gift Article
  • Comments

Trying to stay ahead in the network security race is a time-consuming and often thankless task for IT directors, so an option worth considering is outsourcing to a third party.

Managed security services are receiving a lot of attention, particularly from companies in sectors such as financial services that are facing stiffer regulatory compliance requirements.

In the past, companies adopted a do-it-yourself approach to internet security using firewalls and tools such as anti-virus scanners. But  hackers have become a lot more sophisticated and networks today are under attack from a greater variety of threats. Spyware, for example, has turned into a major headache for corporate help desks while phishing attacks cost US financial services firms up to $400m a year, according to Financial Insights, part of the IDC research company.

"The volume of scams on the internet has increased dramatically," says Bart Vansevenant, director of product marketing at Cybertrust, a leading managed security service provider.

The growing burden of network security has led many IT chiefs to recognise that they do not have the necessary resources properly to run and maintain security systems themselves.

“We used to rely on a simple scanning engine and desktop anti-virus tools. But it was a chore keeping them up to date and it is very difficult for a company such as ours to provide the necessary resources for security,” says Edmund Comber, manager for IT security at Rothschild, the investment bank.

So, Rothschild decided to outsource its e-mail to a managed service, operated by MessageLabs, a leading UK-based provider. The MessageLabs infrastructure intercepts any e-mail bound for Rothschild. Viruses and spam are filtered out and only legitimate e-mail is forwarding on to Rothschild’s mail server.

Compared with the do-it-yourself approach, managed e-mail service providers claim to be much better at filtering known pests and, equally importantly, spotting new types of threat that cannot be detected by traditional anti-virus software.

Symantec, the US security software specialist, claims that 25 per cent of the world’s e-mail traffic passes through its network. That gives the company an unrivalled ability to detect new threats, according to Grant Geyer, vice president for managed security services at Symantec. For example, one of the most recent threats has been the rapid growth of phishing attacks. At the end of December 2004, Symantec’s anti-fraud filters were blocking over 33m phishing attempts each week, up from 9m a week in July 2004.

Another advantage of managed security services is that they also filter outbound traffic. That allows companies to stop employees innocently - or otherwise - sending e-mails to suspect destinations. If someone is sending an e-mail to a known hacker, the firewall will never detect it but we can from outside,” says Mr Geyer.

But for many businesses, perhaps the biggest attraction of managed e-mail services is that they can significantly reduce the barrage of spam they receive today.

According to BlackSpider Technologies, a European provider of managed e-mail services, for every 500 people in a company, the equivalent of three full-time jobs are taken up by clearing spam from inboxes.

That is because spam is harder for businesses to filter than viruses. You cannot just install a spam filter and expect it to work, as it has to be continually tuned to ensure that the filtering is not too lax or, conversely, that legitimate e-mails are not getting blocked.

Outsourcing e-mail to a service provider can also reduce the significant “hidden” costs of spam, namely the extra infrastructure that companies have to deploy to handle unwanted e-mails.

E-mail is not the only way viruses and other pests infect corporate networks. Indeed, the widespread publicity of the  risks surrounding e-mail communications has caused hackers to look for other ways to enter corporate networks.

“The e-mail vector has commonly been used by the ‘bad guys’ but lots of companies now protect themselves very well from e-mail threats so the bad guys are looking for other, softer targets,” says Mr Comber of Rothschild.

For this reason, Rothschild signed up for a second managed service from ScanSafe, a UK-based managed security provider, which has MessageLabs as one of its backers. The ScanSafe service filters web-borne viruses and other pests that try to enter Rothschild’s network using a different communications port from that used by e-mail and so would go undetected by conventional e-mail scanners.

Technically, the ScanSafe service looks out for suspicious internet traffic that uses the FTP and HTTP protocols, which are used for file transfers and web pages, respectively. A conventional e-mail scanner  filters traffic that uses the SMTP e-mail protocol.

Rothschild has only been using this service for a couple of months but in its first month it detected 500 possible attacks corresponding to 35 distinct web-borne threats.

Mr Comber says managed security services offer several advantages over the do-it-yourself approach to network security, not least the peace of mind from knowing that the network is no longer being constantly bombarded with viruses and hackers trying to find “back doors” and open ports.

Proponents of the managed service model go further and say outsourcing security can be a lot cheaper than the do-it-yourself approach because companies do not have to spend money evaluating, purchasing and constantly upgrading their own anti-virus and anti-spam software.

Nevertheless, Mr Geyer of Symantec admits few companies are prepared to dispense entirely with traditional measures such as anti-spam software and firewalls, and he prefers to see the two approaches as complementary.

Copyright The Financial Times Limited 2017. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.

  • Share
  • Print
  • Clip
  • Gift Article
  • Comments
SHARE THIS QUOTE