Outsourcing cyber security: How does it work?

March 18th, 2020
Outsourcing cyber security: How does it work?

Now you’ve decided you want to outsource your cyber security, you’ll naturally have some questions on how it will work.

While all IT providers will take a slightly different approach, you should expect regular updates, monitoring of your systems and rapid response to any problems.

At ATG, we’ve decided to put cyber security at the forefront of everything we do, so no matter what kind of support we provide our clients, they know that their security is as important to us as it is to them. We ensure that each business is protected as well as it can be.

The first steps

We want our clients to be as informed as possible when it comes to cyber security and for them to understand the risks that they face as business owners. Since 2017, cyber crime has increased and all kinds of businesses have been targeted and exploited.

The first step is that we get an idea of your business, your industry and what potential challenges you face when it comes to cyber security. We work with a variety of manufacturing, creative and professional services companies so can talk through the challenges we see in your industry.

If we feel that there’s a right fit, we’ll agree to move forward, that's usually in the form of an assessment of your current system.

Next steps

After an assessment of your business, recommendations should be made on how you can best protect your data.

This could be in a variety of services both software and paired professional services.

Once you’ve chosen your external supplier and decided on your security services, you need to have a timeframe agreed for when any software and hardware changes will be carried out and what you need to do before this can happen.

Factor in busy periods for both you and the provider so your expectations are managed; where possible, they should implement the solution so it causes little downtime. Make sure staff and customers know, as appropriate, when this is happening.

Find out what your IT partner offers in terms of training and user awareness – if cyber security is new to your company, the chances are that the staff may not be aware of it, or realise how significant it is. You may want your provider to help employees to understand the importance of password security and precautions to take if they use their own devices.

Outsourcing cyber security How does it work - quote image

You might consider a nationally-recognised qualification to demonstrate your commitment to cyber security. The UK government and the National Cyber Security Centre (NCSC) offer two levels of Cyber Essentials accreditation, which is awarded when a company can demonstrate that they have appropriate security measures in place. ATG are a certifying body for Cyber Essentials, our team can take you through this process.

Ongoing support

Just because you’ve implemented a security solution and you’ve got peace of mind that your data is protected, that doesn’t mean your IT partner isn’t constantly working to keep you safe. They should offer ongoing help throughout the time you work with them.

Proactive monitoring and threat management is part of any cyber security solution, and the best monitoring is 24/7/365. Your IT provider should have systems and processes in place for identifying potential threats to your server and to take steps to prevent an attack.

You should expect regular reports from them which detail how your systems are protected, potential new threats and things to be aware of, and statistics on data backup speeds, any problems and the speed of resolution.

Arrange regular reviews with your main contact to discuss the reports and to look at how things are going. If you have any concerns, you should be able to get in touch with someone immediately.

Your IT partner should continue to provide training, both for new staff and for employees who get promoted and take on additional responsibilities. Ask for regular (annual or six-monthly, depending on the complexity of your organisation) refresher sessions to make sure everyone is up to date with the latest in cyber security and defence.

If you take on more staff, you have a second office or your business changes significantly you should expect additional support from your provider. They should be able to advise you on any necessary upgrades to your security solution and make suggestions on how to improve it in future.

We hope you’ve found this article helpful. If you’d like to discuss any part of it, please contact one of our team directly and we’ll be happy to help you protect your business.