Jiri’s Notepad

Handy checklist for selection of managed security service:

Experience

• How long has it been in business?


• What kind of customers does it have?


• Has it got reference sites?


• Does it use contractors?

• What is the response time to incidents?


• Is there a firewall uptime guarantee?


• Are there performance tracking and reports systems?


• Are there penalties for poor performance?

• Is there a call-out rota or are centres actually manned 24 hours a day?


• Staff accreditation: Is there rigorous vetting?


• How many employees are accredited in the applied technology?

• Is it scalable?


• Does it provide continuity and integration?


• Does it rely on internet connectivity?


• Service Portfolio: Does it cover immediate needs? Development process?


• Does it have accreditation?


• What is its long-term viability?


• What is its policy on security best practice