The shared operational environment used by many service providers to service multiple clients poses more risks than an in-house environment. Sharing a data transmission capability (such as a common network) across multiple clients can increase the likelihood of one organization having access to the sensitive information of another. The CERT Coordination Center of Carnegie Mellon University provides a list of best practices for engaging managed security service providers. The third practice provides content guidance for a Service Level Agreement (SLA) The SLA is one part of the contract between client and provider.”]
Source: https://www.cuinfosecurity.com/managed-security-services-part-2-risks-best-practices-a-359