User:Shawndouglas/sandbox/sublevel1

Gartner defines a managed security service provider (MSSP) as an entity that "provides outsourced monitoring and management of security devices and systems," including "managed firewall, intrusion detection, virtual private network, vulnerability scanning, and anti-viral services."^[1] Gartner continues, noting that MSSPs run their security operations through their own or third-party data centers in order to provide an "always available" service, with the ultimate intent of reducing "the number of operational security personnel an enterprise needs to hire, train, and retain to maintain an acceptable security posture."^[1] In addition to reducing personnel requirements, turning to an MSSP may also improve the overall security competency of and reduce the technological complexity burdens within an organization.^[2]^[3]

One perceived downside to this approach may be the added risk of placing access to sensitive data in the hands of a third party, and indeed, there may be a few unique situations where it makes the most sense to keep security operations in-house.^[4] However, this perceived downside largely comes down to a question of the trust you place in the MSSP. As was discussed in previous chapters, many cloud service providers (CSPs) recognize the importance of supporting the element of trust associated with its services, as witnessed by their trust centers and associated documentation and certifications, particularly those related to the management of sensitive data. This element of trust is also baked into the service level agreement (SLA) provided by the CSP.^[4] In the end, just like a CSP, the level of trust you place with an MSSP will largely be based upon your business' approach to both vetting them and determining the level of accepted risk should the MSSP not be able to meet your every requirement. (These aspects are discussed in further detail in the following chapter.)