Print

Comment

Email

Digg

Del.icio.us

Reddit

Twitter

In the wake of economic instability, inadequate security measures and increased regulatory pressures, more and more enterprises are shifting towards adopting managed security services over traditional security solutions.

No doubt the market for managed security services is rising in India and is proving to be the next big trend in IT services.

What it Offers
Today, businesses and corporate across verticals like BPO, telecom, BFSI and retail are increasingly deploying IT enabled business solutions in order to increase their productivity and keep themselves updated with the rapidly changing global IT industry trends. Beyond this, as there has been an enormous increase in the use of Internet across the globe, information security is turning out to be a major business concern for all enterprises. The increase in the online e-commerce transactions, greater access to the Internet and increase in the number of data thefts are driving enterprises towards adopting managed security solutions. The adoption of managed security services has increased over the past one year. Enterprises are increasingly becoming security conscious, and most of them have realized that they need security experts, says Kiran Desai, GM and business head, managed IT services, Wipro Infotech. According to Desai, the major concern enterprises face is in finding security experts. As security experts are hard to find, the enterprises may have to hire a lesser experienced professional, invest time and money to train him; however the employee might quit the company, and hence, the entire cycle needs to be repeated again.

The MSSP helps customers in managing all aspects of IT security by identifying, conceptualizing, deploying, and managing security infrastructure to meet all kinds of business and regulatory requirements of a customer. Based on business requirements, each organization deploys a different level of security solutions to protect its business critical data. As the industry faces stringent compliance norms and security policies, more and more organizations are going for deploying security solutions for their IT set-up. The focus is more on security management than operational side of IT, says Prosenjeet Banerjee, head, global security services, HCL Comnet.

Remote security management includes all aspects of IT security operations done remotely like, security device management, security incident and event management, security compliance management, endpoint security, managed IDS/IPS/VPN, managed firewall, anti-virus and anti-spam, etc. All these aspects are popular models and are packaged to fit into specific requirements of the clients. However, holistic security monitoring and management involving correlation and analysis with SLAs are still to come up in a remote model, explains Murtaza Bhatia, national manager, professional services security & iBOSS, Datacraft.

MSS helps enterprises in monitoring gateway activities and generating reports for internal records. These include keeping a close eye on traffic patterns and port exploitation, thereby, avoiding malicious activities on the web zones. Vibhor Garg, senior manager, network and security division, Religare Enterprises who has opted for MSS over Tata Communications says MSS provide us first level defense against common attacks such as DDOS, Vertical/Horizontal scans, TCP hijacking.

The Market
As per 2008 Yankee report, the global market for managed security services is around $9 bn and is growing at a rate of 26% y-o-y. APAC contributes around 35% of the market share, in which India, China and Japan are the key contributors. Therefore, opportunity is huge. Keeping these calculations in mind, we assume that the market size in India should be approximately, $400 mn, says Sunil Bhatt, CTO, Allied Digital.

India being a growing economy, the domestic market is evolving very fast. Its not just the large corporate but the SMEs as well who are embracing managed security services in a large scale today. With IT being the backbone of most businesses, it is of utmost importance to secure the environment and protect the infrastructure.

With recent cases of hacking, frauds coming into the light, information security has become a pressing concern for CIOs. Many organizations report financial losses due to security breaches resulting in business loss. There is therefore, a growing demand in the enterprises to effectively monitor, detect, report and respond not only to the new security threats, but also to the existing vulnerabilities in corporate IT systems and applications. Additionally, compliance and regulatory requirements are making it compulsory for the enterprises to adapt to latest security technologies and services, to safeguard their core business interest.

With the advent of new technologies, increasing IT complexities and exposure to various stakeholders, enterprises have taken cognizance to this fact and are looking up to service providers to deploy best-of-the-breed solutions, says Banerjee. According to Bhatia, compliance and assurance are the two key important factors driving these services. Customers are evaluating the offerings provided by multiple service providers and SI in the domestic market. In the current market, where nearly everyone is looking forward to cut the cost and focus more on key business to keep it up, such services helps them precisely meet the objectives. Also the professionally managed and monitored security infrastructure helps the client in improving the availability of the infrastructure along with productivity, he adds.

The Trend
As the market for such services are picking up, the technology offering and solution trend is fast moving into a maturity stage as well. We are very focused on providing our client end-to-end services and offerings. Management services helps us offer the same to the client, where we take control of all the client day-to-day operation and management headaches, allowing them to focus on their key business initiatives leaving IT headaches to us, informs Bhatia.

Wipro, on the other hand, offers flexible service models based on the requirement of the customer and the feasibility of solution in a customer environment. HCL offers a holistic service through expert consultation, designing and implementation, management and monitoring of the entire security environment of its clients.

Primarily, it is either completely an onsite service model, wherein, we have Wipro resources, tool and processes deployed onsite, or the remote service delivery model, wherein service delivery happens through our remote delivery facility, GSMC. However, in most scenarios, we offer a combination of both models to provide the required flexibility,thereby, leveraging on investments done by our customers, explains Desai.

Latest trends in the industry include deployment of endpoint security to secure user level points in the networks. Network Access Control (NAC) is another technology, restricting access to a corporate network based on identity or security posture. Another trend thats picking up in the market is the adoption of identity and access management technologies that enable organizations to establish, administer, control, restrict and audit user access to IT services and resources and business knowledge. Mobile security technologies are also catching up fast in the organizations to face the challenge of addressing the unique security needs of a mobile employee environment, says Banerjee. Centralized password solutions like Password Vault, is also seeing the demand in the market to support, the need for mobile IT workforce and support team, he adds.

One key business model that is seeing an increased adoption today is the concept of outsourcing the service component. Slowly with the increase of cost of owning an integrated solution and at the same time maintaining the same, the enterprises in India are opening up to the option of outsourcing the solution itself to the service providers. Services like hosted secured email security solution, managed authentication solution etc are now gearing up in the market.

Although governance and compliance (with risk management) requirements have been clearly voiced by the market for some time now, the important trend here is that corporations are looking to address the compliance mandates by using a unique set of products and services to create a customized, ongoing compliance objectives administration framework. This very visible trend is rapidly helping OEMs, system integrators, managed security players, and customers to work together to create industry-specific comprehensive governance and compliance solutions.

Piyali Guha
piyalig@cybermedia.co.in

Page(s)   1