What is Managed Security And Why Do You Need it ?
May 16, 2018 Published by Rajesh Goel
What is managed security?
A lot of companies, thought leaders and vendors are talking about MANAGED SECURITY and MANAGED SECURITY SERVICES PROVIDERs (MSSPs) – but what are they?
Simply put, MSSPs keep an eye on your security systems (firewalls, routers, log collectors, SIEMs, Antivirus and Antimalware dashboards) and either alert your in-house team to take actions or they resolve the issue for you.
Why do you need it?
In the real world, we all have managed security. For most of us, that’s the local police department – they monitor the cameras, patrol the streets, keep an eye out for known bad guys, investigate crimes and arrest the perpetrators. Just by existing, good police departments lower crime. For some of us, managed security is enhanced by installing an alarm system, hiring security guards, etc.
When it comes to managing corporate networks, firms used to rely on their internal IT team or their outsourced IT consultants. That was an acceptable practice for most companies 10 years ago. Today, we know that IT operations management is significantly different from IT Security Management.
The IT Operations team are firefighters – they spend most of their time putting out fires, and if they are lucky (and properly resourced), they implement fire prevention.
IT Security teams are more akin to Armed Guards – they deter bad actors from committing crimes by increasing your security posture, or they work like CSI – they look for clues as to what happened and assist in catching bad actors or preventing problems from occurring again.
What services does Brainlink provide?
Brainlink provides all three services.
Brainlink’s MSP (Managed Services Practice) provides IT Operations management. We manage your routers, firewalls, servers, email, databases, desktops, printers, etc. Our job is to keep things running smoothly.
Brainlink’s MSSP (Managed Security Services Practice) enhances our MSP practice AND augments your internal IT team by providing additional security enhancements. We can implement our own SIEM in your environment for collecting log data and analyzing it daily and/or we can manage your SIEM (iView, Splunk, etc.). We proactively manage your security posture by increasing systems security, active remediation, penetration tests and network security testing. Whether your systems are in-house, in the cloud or a mixture of both, we can help.
Brainlink’s COMPLIANCE services leverage Raj’s expertise as a CISSP who has worked on HIPAA, PCI-DSS, NIST-800, ISO27001, SEC, FINRA, GDPR and other regulations to help you develop better policies, procedures and deal with regulators.
Brainlink’s SOPCULTURE practices and approach enhance all our offerings, increase your operations resilience, improve your security posture and lower audit costs by giving our team, your team, regulators and attorneys structured documentation on IT, Security and Operations practices.
WOW – that’s a mouthful. What does it mean in plain language?
A) You can hire our MSP practice to work with your existing IT staff or you can fully outsource your IT management to us.
B) You can hire our MSSP practice to improve your security and keep an eye on things 24x7x365.
C) If you need to comply with data privacy regulations, you need good compliance attorneys and good compliance IT experts. We’ll work with you, your attorney (if you don’t know good data privacy compliance attorneys, we can introduce you to good ones!) and your management to update your policies, and help you pass mandatory or required audits.
D) We know that most people do good work – and most people suck at writing useful process documentation. In many cases, the process documentation is either missing or really, really outdated.
Brainlink’s entire team is trained in SOPCULTURE and we bring that with us to every task.
- We WILL document our work.
- We WILL share that with you.
- We CAN train your staff.
At the end of the day, adopting SOPCULTURE makes your company stronger, more profitable, more effective and just plain, better.
Meet your MANAGED SECURITY (MSSP) & COMPLIANCE Team
- Raj Goel
Raj has been involved in cybersecurity since 1996, and an active CISSP since 2002. When he’s not busy running Brainlink or writing books, you can see him on TV (CNBC, Bloomberg, Fox Business, Columbia Journalism, etc.) discussing cyber-safety and cyber-privacy.
Raj built the Brainlink MSSP practice and has recruited Charles to add even more heft to the team.
Raj is a CISSP – which means he can help you develop policies, talk to lawyers, cops & regulators. His hobby is reading privacy regulations and educating lawyers about data privacy. He speaks the language of cost-containment, risk mitigation, regulatory arbitrage, etc. Yeah, we don’t understand what he says most of the time either, but he keeps the lawyers happy, so that’s a good thing.
- Charles Rawls
AWS-PSA, AWS-DevOps, CCNA,
CCNP, CheckPoint vSec,
Sophos Certified Arch, E10K, E25K,
Sun Storage Architect, CrossBeam Architect
Charles holds (or has held) certifications from Cisco, Checkpoint, Microsoft, Amazon AWS, Sophos, etc.
He helped build data centers for Ross Perot at EDS, major banking systems in Panama and has worked with institutional investors, hedge funds, banks, internet startups (Priceline, College Humor, women.com, Hearst New Media, etc.), healthcare and many other industries in his 40+ years in the industry.
He serves as a senior mentor to the Brainlink team and actively implements strong security practices at our clients.
- Want to know if your staff is spending too much time on Facebook or watching Netflix at work? We provide you with daily reports on internet activities.
- Want to know if some malware or attacker is loose on your network? We setup early-warning tripwire systems that send out silent alarms when we detect unauthorized or unexpected activity.
- Need to know if your Windows servers & desktops are behaving appropriately? We enhance your windows networks with our comprehensive logging and analytics platform. Our machine-learning intelligence platform is very, very good at separating the wheat from the chaff. Want to improve your company’s security and ensure long-term success? We have deep experience in network segmentation, AV isolation, secure wired & wireless practices.
- Need help implementing NIST-800 recommendations, complying with SEC OCIE mandates, the latest changes in PCI-DSS or making sense of GDPR – Raj & Charles have combined 60+ years of experience in implementing these. Whether you’re a $400M AUM fund, a $900M construction firm, a construction firm that works in five states, a $4B retailer, a $30M manufacturer, a website with 600M users, or an app with 50M downloads we’ve been there, done that, got the t-shirts to prove it.
Let us help you succeed!