Turning over management of its data centre to a managed IT service in the last year is saving commercial real estate company Colliers International on its insurance costs, according to its CIO.
Colliers is among the customers
who have signed managed security contracts with Fusepoint Managed Services Inc. and Bell Security Solutions Inc. (BSSI). The two firms are providing a range of services including data backup, firewall security, intrusion detection, managed hardware, database management and end-to-end monitoring and reporting.
“It does give us leverage in negotiating rates,” said to Colliers’ chief information officer, Rennie Fisher, adding that the agreement is also saving the firm between 10 and 15 per cent of its IT budget. “That’s fairly significant for us.”
Eliminating the risks from physical disruptions such as power outages, as well as hacker incidents, were also factors in signing on with Fusepoint-BSSI, he added.
“Those would be the issues that would worry us,” Fisher said.
The Fusepoint-BSSI service is designed to guarantee the performance of mission-critical applications in the face of power outages, natural catastrophes, security threats and acts of terrorism.
Stephen McWilliam, Fusepoint’s vice president of channels, agreed that insurance companies are beginning to ask their clients questions about the security of their servers.
For instance, if a server is on a building’s third floor, with the company café above it on the fourth floor and restrooms on the fifth, that poses a potential risk of water damage.
“All of a sudden, the insurance company is very interested in where the nearest water source is,” McWilliam said in an interview. “The fact that there’s no water on the raised floor is of great interest to an insurance company.”
But the threat of water damage is only one of a wide range of risks that are virtually eliminated using IT security services.
McWilliam said that recent terrorist actions have raised the awareness of many customers about the risk of security threats.
“Customers are telling us that business continuity and security go together,” McWilliam said.
It isn’t enough to simply pick up a firewall from Radio Shack, McWilliam said.
“People are starting to get that this isn’t about technology,” he said. “It’s not about the firewall.”
Merely detecting threats isn’t sufficient, he said.
“There are 120,000 alerts per day slamming into our intrusion detectors,” McWilliam said. “What do you do, and which ones do you worry about?”
Patch management, one of the services Fusepoint provides, has grown in importance due to the “zero-day” problem.
Previously, there was a six-month delay between the identification of a software vulnerability and its exploitation.
“It gave vendors lots of time to come up with patches,” McWilliam said.
These days, attacks can come the same day that vulnerabilities are discovered.
“Instead of 180 days, we’re down to zero days.”
As well, some businesses are vulnerable even though patches are available: “The reality is that patch management is a full-time job.”
Hiring a managed IT security service is also cost effective, McWilliam added.
“I can do it for a customer a lot cheaper than they can do it themselves, because I’m doing it for 400 customers,” he said.
BSSI and Fusepoint have also recently signed contracts for managed IT security with Maple Leaf Foods, Cossette Communications, Hospitals of Ontario Pension Plan, the Just For Laughs Comedy Festival and Tim Hortons, among others.