Rackspace Is Getting Into the Cybersecurity Business If companies aren't concerned with security and compliance, they should be.
This story originally appeared on Fortune Magazine
Rackspace, which bills itself as a provider of "fanatical support" for customers' information technology, is launching a managed security offering for small and mid-sized companies concerned with security and compliance. (If they're not concerned about this they should be.)
That means for one fee -- 25% of that customer's monthly Rackspace spending—the company will take care of all the piece-parts of security, including two-factor authentication; security information and event management (SIEM); malware protection; behavioral analytics; endpoint protection and the like, all in an integrated fashion.
While Rackspace has offered security services for some time, customers had to take responsibility for their own environment. With all the threats out there, "we decided to invest in security in the customer space and offer our expertise," said Perry Robinson, vice president and general manager for Rackspace Managed Security.
Toward that end, the company has taken a number of security tools -- including Crowdstrike, AlertLogic,LogRhythm, Rapid7 and Duo Security -- and combined them into a managed security platform. But Rackspace also looks at the particular customer to see what options are most appropriate, said Jarret Raim, who heads up strategy and operations for Rackspace Managed Security.
"We look at what tech they use, what their vertical industry is, what threat actors are active in that vertical, and we decide on the tool based on that, and the customer pre-authorizes us to handle things for them," Raim said.
In the wake of Sony and other cyber hacks, security is top of mind for most businesses (again, if not, it should be) so many vendors have cooked up their own managed security options. Rackspace's differentiators, according to Paul Teich, principal analyst at TIRIAS Research, is that it has an integrated "comprehensive managed security offering as a one-stop shop, including SIEM."
That "one-throat-to-choke" option is new, and should be attractive to businesses wary of dealing with individual systems, operating systems, and application vendors, Teich said via email.
He also noted that big public cloud vendors Amazon Web Services, Google and Microsoft Azure do not yet offer their customers an integrated package that combines SIEM logging and advanced pattern analytics for threat protection. Those big vendors typically send customers to partners where it ends up being a sort of do-it-yourself project, he noted.
Still, given that many Rackspace customers run at least some of their own technology, it's important to delineate just what's covered by the Rackspace service and what's not, or all that one-throat-to-choke stuff goes out the window.