Network Computingwww.networkcomputing.com

Storage service providers also have gone through some hard times in the past year. In the aftermath of the "dot bomb," these expensive services were some of the first cut from corporate budgets. Of course, many companies had resisted outsourcing their storage to begin with. Consequently many SSPs have had to scramble to redraw their business plans fast.

The whole category is essentially a goner. The previous model of storage by the slice is still out there, but it's mostly within internal data centers as part of a managed service offering. The only recognizable section left is the market for off-site data storage as part of a disaster-recovery strategy. WorldStor, for example, is now emphasizing its disaster-recovery services as opposed to its pay-as-you-go storage.

This part of the market still has some viability, albeit on a limited basis. It makes sense in some other specialized situations, but the lesson has been learned: Companies are protective of their data. They will outsource their accounting, helpdesks and even human-resources functions, but their data storage stays under their control. The coming year may be a time to look at some of the reconfigured SSP companies for a consultancy with your SAN network, but on the whole, we recommend that you avoid this market segment entirely.

MSSPs: Calling for Security

Unless you've been living under a rock you've watched security concerns grow from late-night NOC (network operations center) conversations to front-page news. Unfortunately, the reason so many organizations have found themselves swimming in a sea of security chaos is because security programs are extremely difficult to maintain.

Organizations looking for some help with their security efforts can turn to outsourcing solutions provided by managed security service providers. MSSPs often can lighten the load by aiding with firewall, VPN and IDS (intrusion-detection system) monitoring and management efforts. However, you should note a number of important factors when investigating MSSP options.

First, not all managed-security-service offerings are equal. Some service providers have simply added security-device monitoring to their menu of traditional network-management services. For example, when a number of the large carriers started offering firewall-management services, some organizations discovered the hard way that their own staff was far more qualified than that of the carriers. While some service providers will do an adequate job, organizations may find more expertise and comfort with security-focused players, including Counterpane Internet Security, Internet Security Systems and Riptech.

Second, though MSSPs often can lift some of the burdens from security staff, managers looking to outsource their security responsibilities are in for a rude awakening. MSSPs can help with targeted tasks but will never be able to inherit the responsibility of maintaining a secure environment. Security-outsourcing solutions should be investigated to complement existing staff members' skill sets, not replace those staffers.

Finally, Chapter 11s are being filed faster than tax returns in April. A smart organization looking for an MSSP should do a little checking under the hood. Examining quarterly financial reports, for example, can help give organizations some insight into the financial stability of a future partner. Many MSSPs that are venture capital-funded are very much in the red and burning through cash reserves at a dizzying rate. Security outsourcing is not something you want to mess around with, so make sure to investigate not only the technical qualifications of your future partner, but the business ones as well.