The Anvil Group and Cisco Systems have formed a security tag team and are building four managed security systems centres. Cisco will provide art switches, routers and other technology, with Anvil responsible for storing and protecting the data that is collected.
The first centre is scheduled to open in Toronto in May, while the three remaining locations are set for North America, the U.K. and Asia. Anvil provides outsourcing of sensitive security data for small to medium size companies, and analysts believe this is a trend that will continue.
“Outsourcing is the trend in the industry, a managed services model,” said Fred Sass, the director of product management for AT&T Canada in Toronto. He believes companies are turning to outsourcing because they don’t have in-house security professionals with the skills needed to manage such complex systems.
“So if I can outsource it to a securities company, they’ll take care of my firewall, updating my firewall rules and take care of the patches on the software,” he said.
Companies like Anvil provide services similar to major players in the U.S., Sass said, and the incentive is to give customers time to concentrate on their core business and IT projects.
Joey Roa agrees with Sass’ assessment. “For a small to medium size company, definitely the outsourced approach (makes sense). A reputable outsourced approach will help you architect the right solution; we’re going to store the information here and here’s how the transaction flow works. We’re going to make sure it is secure from the point of entry to your site to ours and back,” said the Calgary-based security consultant.
Cost is one of the main reasons small-to-medium sized companies are outsourcing, according to Toronto’s Howard Phee, Anvil’s executive vice-president. “A lot of companies don’t have the money to invest to monitor their systems 7 by 24. (It) is a very costly exercise.” The company was approached by its IT clients to provide corporations with one-stop shopping for their security needs, Phee said.
Anvil’s relationship with Cisco is limited to its networking capabilities and technology, and Anvil will continue to own and oversee all the system centres it builds, he said. E-Security in Florida is providing the software intrusion that will sit on top of the network layer.
However there are some issues surrounding outsourcing that need to be addressed, Roa said. “There are still compromises, because while you might not (be able to) break into the storage vault so to speak, (during) the transmission from the would-be-site and the storage vault, there is now another point of entry that can be broken.
“Your company’s network is no longer an island,” Roa said. And while companies such as Anvil provide viable and safe security, there is no disputing that they also create a new entry point for potential hackers, he said.
Sass reaffirmed the notion that security breaches could increase, but the issue is not solely a company’s security potentially becoming more accessible to outside sources. Many are overlooking a threat that has always existed, in Sass’ opinion.
Recent data shows that security breaches are occurring internally, and that customers will need to look beyond just their perimeters for security issues, he said. Firewalls, while capable of providing security, are not the only option companies should be looking at, he said. Sass added that organizations, such as banks, are unlikely to report security breaches.