in this video, we're gonna look at the benefits security as a service, then contrasted with the concerns that seconds brings
security as a service, is a cloud based service. And ask that you start off with all the potential benefits that cloud computing generally brings. This includes things like reducing your capital expense costs, having redundancy within the infrastructure to provide high availability. You have lots of resiliency is
parts and pieces may failure. There's other parts and pieces to back it up.
The degree of these specific benefits is gonna very depending on the specific SEC gas provider that you're using.
Keep in mind, companies have a tough time finding motivated individuals with cybersecurity expertise. So this is people like you getting the training listening to this video right now, and rather than have to pay for a bunch of headcount of these individuals
when you use a cent gas service, you gain the benefit of these expertise and having all these different cyber researchers there
that are focused on the security domain. They're going really deep in these areas, but you don't have to actually hire a full time employee or its team of full time employees you're kind of outsourcing that competency, and it's very powerful for a smaller company to be able to tap into this. Even midsize companies who may not have the
the staffing requirements needed for the expertise building
and the seconds providers are gonna have multiple, different clients. So this puts them in a really interesting in good situation to share intelligence data between one client and the other. For example, one client make it hit by some new virus or some sort of a zero day exploit. And the provider can tag that signature of the virus and create alerts
that other customers can have
so that they avoid getting the same. Fate. Common with other cloud benefits is deployment flexibility. And since that gas has delivered over the broad network, this allows for deployment across many different geography. Ease without the overhead of managing separate install bases or numerous physical devices at your different sites
as long as they have a network connection.
And as long as the Seconds provider has the appropriate performance and network late and see concerns are all figured out, you can quite easily deploy this to your different sites. Another benefit is insulating the client. So your network traffic is gonna get routed through the seconds provider themselves, for example,
when you're doing e mailing or if you're using a Web application firewall, which we'll talk about more in later videos
and this by routing it through the seconds provider, it can absorb a lot of the attacks before they actually get to the client assets or the customer assets. In this case, you being the client, you being the customer. And finally you have scaling and costs, which kind of comes to that staffing and expertise and a little bit more because it's a SAS model you're gonna be paying as you go.
So when you're smaller organization,
the minimum cost to get headcounts a five security experts maybe ah, whole lot more than if you were to use a sink *** provider and leverage the expertise that they bring with themselves. Now, of course, when you get larger, the cost to value of using this kind of service may
start to go over the line, and it might actually make
sense for larger company to employ their own full time staff and pay people to be dedicated and have expertise instead of relying on the second software. It's really that return build, verse by type decision that each company needs to make to determine
how much focus they want on their core bread and butter products and services
versus spending and investing time and effort. So what are some of the concerns? Well, lack of visibility. This is really a corollary to having the benefits of getting that expertise without requiring direct staff is you're gonna lose director visibility into the day to day decision making
of the staff. Their research is what they're looking at, right. You also want to make sure
to touch on the topic of evidence collection even before you make any sort of engagement with the provider and come to any sort of agreement. Having evidence collection is going to be very important in the case that you need to pursue some sort of prosecution that seconds provider needs to provide you the evidence,
give it to you so that you can then submit it as evidence and be mindful of the chain of custody as well. We've talked about this and
prior models, so I'm not gonna get too deep into it. again, there's regulation differences. The provider may not be able to ensure compliance, and all the jurisdictions that it's operating is a follow under regulation Differences. How regulated data is handled in different territories for different types of customers for different types of employees can also be impacted.
For example, the level of employee monitoring allowed in Europe
is much more restrictive than the kind of monitoring you can do in the good old US of a. So if you have one seconds provider and you have employees in both countries, there's gonna be some considerations from a legal standpoint of what you're doing in the capabilities that that Seconds provider is is giving you
another concern is data leakage. The data is obviously highly sensitive, for example, with their examining emails or monitoring Web traffic. And we've talked about intended isolation in the past and that being a key responsibility of any provider.
But with this sensitive data that really requires some good, strong multi tenant isolation and segregation amongst the tenants, you want to be really confident that your seconds provider is going to give that to you.
Changing providers, you know, lock in is a general concern In this case, the provider may have data you need to retain for prolonged periods of time. So you want to leave the provider? They say, Well, we have the data that you need for Maybe you have a long running case and you're prosecuting something that started 34 years ago.
Make sure your agreement addresses your ongoing right to get access to that data, or at least some sort of right to export
and retrieve your own copy of the information from the seconds provider. In the event that you do decide to change who you're using at a later point time and then finally migrating in two seconds because you probably have some sort of on premise, security teams, processes and procedures those individuals need to be engaged in understand
What is the second provider?
How does it integrate within their work? Where is the line can be drawn between what they're responsible for looking at and monitoring versus with the seconds provider and that software solution and how it's going to integrate with the monitoring process and system.
It's a quick video. Let's do another quiz.
What is not considered a benefit of sec *** insulation of clients cost savings, deployment flexibility or intelligence sharing. Think about it a second. Okay, so this one's kind of a tricky answer. You have to really be paying attention to the details. The answer is B cost savings.
So you may recall, I was talking about pay as you go and
the value of having a smaller organization being able to leverage a lot of expertise, talent and be able to focus on building their business. But for a larger organization, seconds services may not make sense, and you're gonna look on the specifics of the situation, but you may end up paying a whole lot more
then it could otherwise cost to bring on a full time staff
or equivalent that can provide these kind of services or provide some sort of augmentation internally to improve your monitoring and increase your security posture.
In this video, we went through the benefits and the concerns related to second guess the pros and cons