Drei Wege Sicherheitsfragen zu lösen
What You Can Do If Your Security Vendor Fails
Even so, he wasn´t taking chances. After meeting with Pilot,he revisited his contingency plan and now feels fortunatethat he was ready to go when he found out that Pilot was nomore. "We worried," he says. "We probably should have worriedmore. Next time, I´d be even more aggressive."
This CIO´s contingency was relatively smooth. He started witha crude but sturdy frame-relay connection provided byVerizon. Once that was working, he set out to upgrade to ahigh-speed connection also provisioned by Verizon. After thatwas in place, he worked on adding secure access to hisnetwork in the form of a VPN. His e-mail contingency followedthe same slope: first, low-bandwidth access to e-mail, thenhigh-bandwidth access, then secure high-bandwidth access,which brought him back close to what Pilot had provided.
Concurrent to building the network up, he reinserted securityservices into his network while he sought a new managedsecurity partner. He started by assigning one person tomonitor the network, a pale substitute compared with what hewas paying Pilot to do. But it was monitoring nonetheless.
For the first awful week, the CIO had to rely on volunteerex-Pilot and Providian employees, who composed the managementskeleton crew. But within three days, he was out from underPilot, albeit with a temporary structure. "We´re stillsorting it out," he says. "We have some services. We won´thave others like filtering for a while. What we have now isOK."
In choosing his next outsourcer, this CIO echoes Durso as heconsiders the trade-offs between the small vendor with talentversus the big vendor with a stable business. But he´sleaning the other way---toward a bigger company with moregeneralized services. He chose Genuity for his networkconnections. Choosing a managed security provider ispredictably taking longer, but he wants a similarly largecompany, possibly Genuity.