What is the SLA for updating security policies for change requests or security protections?
Question No. 5: What is the service-level agreement (SLA) for updating security policies for change requests or security protections when new threats arise?
One of the challenges of security is the constant changing threats that can attack from anywhere on the planet. New attacks and threats occur every hour and the primary challenge of running security operations centers is staying ahead of those threats. What is needed is centralized management to click a button and propagate consistent security protections out to every device, every asset and every location.
Roughly 90 percent of network security breaches happen on systems where a known patch could have prevented that breach. Most providers will have SLAs defined, but one must check references and make the vendor prove that they deliver on their SLAs. They must take the business of protecting your data very seriously. They also should not price gouge if your change requests exceed your monthly quota.
The client has given up operational control but not the risk. They should demand the most from their vendor to take that risk seriously and deliver on their SLAs.
Question No. 6: How often does the vendor update firewall rules and policies?
One must have frequent updates to security policies and protections in order to stay ahead of the threat. The TCO of any system is how often you have to touch it. Security by definition implies frequent updates and forever. Centralized management and proactive SLAs ensure staying ahead of the threat and delivering business agility. Security managed correctly can be a business enabler.