The downside of offering managed security services

Managed security services (MSS) are all the rage in the security channel and for good reason. As margins on security products continue to diminish and customers have less time to focus on security activities, being able to provide a monthly solution that alleviates the pressure on your customers is a good thing, right?

For the most part it is. Customers are increasingly receptive to outsourcing some facets of security, like email scanning and firewall/IPS monitoring. But does that mean you should run headlong into the wild, wooly world of managed security services (MSS)? The answer is probably yes, but before pulling the trigger consider the following issues.

Of course, what's good for the customer can be bad for the service provider. It's not like you can go back to the customer and ask for more money in the middle of the contract. Moreover, these markets are so competitive that you'll have no pricing power. So as volumes increase, you will need to keep pace.

There are a lot of reasons why offering manage

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Channel Issues & Commentary The pros and cons of offering specialized security services PCI compliance: Web application firewall vs. code review How to leverage integrated security and storage Making the most of selling antivirus services Should VARs embrace the monoculture? How to recession-proof your information security business Top five security service provider tips of 2007 How to maintain healthy relationships with small security vendors Incident response services: A five-step program for security VARs Find the best security engineers for your managed services More resources How to recession-proof your information security business What are considerations for VARs offering managed security services? Information Security Service Provider Concerns Survey: Financial services sector may soon start spending on security HP partners with Fortify Software for secure application lifecycle offering New IBM-Avaya partnership to cover unified communications security AirPatrol launches wireless security partner program IBM launches social networking community for partners Kaspersky Lab and Juniper Networks extend affiliation SonicWall announces new managed service provider program Merging the channels: McAfee and Secure Computing half a year later Offering cloud computing security services to customers Event log management programs boosted by standards, survey finds

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

d services to customers is a good business move -- tighter relationships, monthly annuities and providing a lot of value to customers top the list -- but I hope this discussion has given you a greater appreciation for the risks of getting into the business, as well.

Entering MSS is a significant investment, and one that should be analyzed carefully. A less risky play would be to OEM a provider's services. This will get you out of the infrastructure and 24/7 support business. Many of the independent MSS players offer a private label option, which may make more sense for your situation. It's certainly something to consider.

About the author
Mike Rothman is president and principal analyst of Security Incite, an industry analyst firm in Atlanta, and the author of The Pragmatic CSO: 12 Steps to Being a Security Master. Get more information about the Pragmatic CSO at http://www.pragmaticcso.com, read his blog at http://blog.securityincite.com, or reach him via e-mail at mike.rothman (at) securityincite (dot) com.