My second article on the SLA series, SLA 102: The Service Summary, is out.
In this article, I’ll focus on the service summary. In most SLAs, this section describes the service you will be receiving in general terms. Here are some of the areas you should keep in mind as you negotiate your contract with your service provider.
Computerworld is starting to publish a series of SLA 101 articles, written by yours truely: SLA 101: What to look for in a service-level agreement
Many IT administrators aren’t comfortable handing over control of the most critical security components of their infrastructure. But in recent years, security outsourcing has become a popular and viable means of lowering the cost of perimeter security management. More and more companies are outsourcing parts of their security infrastructure, including firewalls, intrusion-detection systems and virtual private networks, to managed security service providers (MSSP).
Anyone thinking about outsourcing such a mission-critical aspect of their network should understand in detail the potential implications to their IT security infrastructure and their company as a whole. One of the biggest differences among providers of security services is the service-level agreement (SLA). In this five-part series of articles, we will dive deep into the various aspects of the SLA and attempt to explain in details what the SLA should contain and why each of the items is necessary.
In general, an MSSP SLA should cover the following areas:
Opinion: Making the case for an audit standard
Interesting article by Oracle’s CSO Mary Ann Davidson
Disclaimer: This is my personal blog. The opinions expressed in this blog are the views of the writer and do not necessarily reflect the views and opinions of VMware.