Arguments for and Against Outsourcing Computer Security Services – Research Paper Example
Outsourcing Computer Security Services Outsourcing Computer Security Services Arguments for and Against Outsourcing Computer Security Services
Computer security outsourcing is an intricate practice and has its benefits and risks. Many reasons are often presented in support of it while others argue against it. One of the many reasons that a firm should outsource computer security services is the costs involved with having its own security systems on its premises. There are numerous costs associated with this, including costs of the IT infrastructure necessary, technical support, training, software licenses, and costs of compliance with public authorities, not to mention operations and maintenance. In support of outsourcing, it has also been argued that it makes it possible for a firm to have access to the latest technology (Siepmann, 2014). This is easy to agree with, considering the rate at which computer software and hardware are becoming obsolete, which makes it necessary for any firm to adopt an approach that keeps its technology up-to-date.
No system security manager, for instance, would wish to purchase expensive system security software and hardware, only to have to meet upgrading costs a few months later. Another reason why a firm should outsource is the high-quality staff kept by IT security consultancy companies. A company that offers computer security services maintains highly trained security experts because that is its only business. This removes the threat of hiring a person how is missing some qualification on full-time terms. Providers of these security services have also been known to have diverse security resources, which they provide to their clients based on the specific needs of each client (Siepmann, 2014). This brings the advantage of security resource flexibility. Finally, outsourcing eliminates the burnout burden on internal employees, who need to focus on their specific responsibilities. In addition, an internal staff member might not focus fully on the security role because other responsibilities always come up.
While there are numerous benefits associated with outsourcing computer security services, there are risks involved, which have to be taken into consideration prior to decision making. One of the major risks associated with outsourcing is the loss of control of critical IT functions, which may make a firm vulnerable to the external environment. For instance, outsourcing a router means that another organization monitors the firm’s traffic and may decide what to or not to filter. This means that the firm must have great confidence in the service provider that it will meet its most critical needs. Another risk involves the confidentiality and privacy of sensitive organizational data, which is exposed to the external environment (Jammalamadaka, et al., 2013). This is a huge risk, considering that even security service providers operate in the wake of huge security concerns, such as highly sophisticated hacking. Security service providers have also been known to limit a firm’s flexibility because they sign firms up to their security systems and software. Sometimes this may involve a contract, which would limit a firm by seeking help from other companies even if efficiency goals are not met.
Comparison of Computer Security Firms
In the last one decade, companies have discovered the advantage of using cloud services as a way of outsourcing computer security services. Two of the world’s largest players in this field include Microsoft and Amazon. Amazon has operated its Amazon Web Services (AWS) as its cloud platform which business organizations seek help in when they need to outsources network and system security services. One of its biggest competitors is Microsoft, whose cloud platform is known as Azure. These two platforms have some important differences, which any firm would like to consider in seeking computer security services. One of the key disparity between the two is that, while Windows allows one to operate other software, such as VM on Azure, Amazon does not give that provision for free (Winkle, 2015). One has to pay for a license key in order to have what is referred to as license mobility, which is an additional cost. Amazon even lists the applications that are eligible on its platforms, such as the Amazon EC, which is a PaaS (Platform as a Service).
However, the company is making efforts to innovate into a cloud hybrid that will allow users to interoperate across operating systems, even those bought from competitors like Microsoft. Azure, however, may have an edge when it comes to compliance because it has advanced its Azure to make it viable for government agencies. In this regard, it has been established that it is ahead of Microsoft as far as compliance is concerned, which rids off or reduces compliance costs for its customers, such as the firm seeking security services. On the other hand, Microsoft has a higher level of compatibility, considering that it is the largest seller of operating systems for businesses in the world (mainly for normal users, not counting server OS’s). This gives it an edge. Azure, however, has the benefit of being the most suitable for open source users (Winkle, 2015). For this reason, it would be preferable for a firm seeking network security, operating with Linux on its servers.
Jammalamadaka, R. C., Gamboni, R., Mehrotra, S., Seamons, K., & Venkatasubramanian, N. (2013). A middleware approach for outsourcing data securely. Computers & Security 32, 252-266.
Siepmann, F. (2014). Managing Risk and Security in Outsourcing IT Services : Onshore, Offshore and the Cloud. Boca Raton, FL: CRC Press.
Winkle, W. V. (2015, Jan 31). Microsoft Azure vs. Amazon Web Services: Cloud Comparison. Retrieved April 09, 2015, from http://www.tomsitpro.com/articles/azure-vs-aws-cloud-comparison,2-870.html