What to consider when selecting a Managed Security Service Provider

With GDPR coming in next year, organisations need to become more aware of what service providers are doing to protect themselves and, in turn, to protect you. When selecting a provider, you need to be prepared to grill them until you are confident that they provide the level of protection your stakeholders and clients would expect.

A growing trend amongst Irish organisations is outsourcing specific security functions to managed security service providers (MSSPs). Firewalls, data hosting and vulnerability assessment are just some of the areas organisations now outsource.

The first question you need to ask is whether they are certified to recognised standards: ISO, PCI, and Cyber Essentials. It is important to know what standards they are working to and to ensure they are compliant with GDPR. Data hosting, for example, is a service that organisations usually outsource. Hosting companies will provide their customers with servers that are physically locked and can be accessed only by a select few. This gives organisations a lot of control even though the provider does all the work. Do your due diligence and find out how effective their physical security system is and how frequently they test their own systems against possible breaches.

No matter what aspects of your security you outsource, remember that outsourcing relieves the burden of managing security internally, but you are still ultimately responsible for the liability if there is a breach.

Things to consider when selecting an MSSP

  • Choose an MSSP that you can trust if you have never worked with them.
  • Choose an MSSP that understands your customer needs.
  • Choose an MSSP that is financially stable.
  • Choose an MSSP that is flexible and willing to cater for different business needs.
  • Appoint one person or team as the contact point for the MSSP to ensure smooth communication.
  • Ensure your employees are aware of what you have agreed in the SLA.

Contact us today to learn how you can become compliant with GDPR with ISO 27001 and Cyber Essentials.