Security: it’s not just anti-virus anymore. From social networking to virtualization, new technologies are pushing security beyond firewalls and intrusion detection. And for resellers, it means opportunities for specialization.
Web 2.0, in particular, is raising red flags. Social networking allows for the possibility of inappropriate information being shared says James Quin, senior research analyst with Info-Tech Research Group. In a lot of cases, organizations are taking the broad stroke of banning these sites altogether. But there are business benefits to some social networking sites, such as LinkedIn, so outright banning isn’t always the best way to go.
“But organizations do have to take measures to ensure they are protecting their sensitive information,” he says.
New theories applied to old problems
One area that’s starting to gain traction is data leakage protection. For a long time we’ve had inbound content filtering – making sure employees weren’t looking at inappropriate Web sites or receiving inappropriate attachments in their e-mail.
Now we’re seeing the reverse – making sure we know what’s going out too, and having measures in place to correct and protect that.
Data leakage protection isn’t just about putting a cap on e-mail – it’s also looking at instant messaging, Web mail traffic and other alternate channels of information distribution.
“That’s what this new breed of data leakage protection tools is all about,” says Quin. “It’s taking an older theory and applying it to a new problem.”
A couple of years ago we started to see outbound filtering take off, where rules had to be applied to the firewall about what kind of traffic was allowed out of the organization. We’re now starting to see that same paradigm being applied to content, because it doesn’t matter whether it’s accidental or malicious – if the information gets out, it’s a problem.
But many organizations don’t know what information they’re trying to protect.
“You have your wallet, and you know how much money is in your wallet,” says Fiaaz Walji, country manager for Websense Canada. “When you look at networked information, it’s funny how people don’t know that.” For resellers, those questions open up a great opportunity to really own the customer.
Most resellers and customers have the basics down – AV, firewalls, even Web filtering. However, since information is now the currency of the Web, the next step is data leakage prevention. This step is more consultative and requires more heavy lifting, Walji says.
But anyone who participates in e-commerce, owns intellectual property, does mergers or acquisitions or collects data from customers is a candidate for data leakage prevention. Web filtering products are an option. Websense offers auditor and enforcer tools, so resellers can run reports and see what’s happening in the customer’s network, which is a good way to get buy-in from management.
Security as a service
The other trend that’s starting to pick up steam is the expansion and consolidation of security tools – and how they’re managed. We’re starting to see all these tools – AV, intrusion detection, firewalls –integrated into one package, says Quin. That makes security easier to manage, but it also means there’s more connectivity between these tools. That means there’s a broader picture available on security threats, so organizations are able to make educated corrective measures.But what does this mean for the channel? AV is not dead, says Quin. It continues to be a hot topic, even though viruses are not the biggest threat out there anymore. The fact everything is getting bundled means anti-malware tools have radically improved over the older piecemeal ones. And a lot of organizations carry AV through the channel, especially in the SMB space. This is also where on-demand or software-as-a-service (SaaS) comes in.
“Our customers are asking for it,” says Brian Greene, senior product manager for the Data Management Group with Symantec Corp. In many cases, customers want to continue to own the business application and have their data onsite, but they’re more willing to augment that environment with a layer of protection provided in the cloud.
“What we’re trying to do is bring solutions to them where they may not be backing up the way they should, they may not have the level of security they should, and they don’t have the time or the resources or expertise to do it,” he says.
But SaaS is adding complexity to the channel and, in many cases, forcing VARs to change their processes. So Symantec has gone for a model that prevents them from having to do that, says Greene.
“Any customer that you sign up, we’ll handle all that for you, and we’ll give you a recurring commission fee that’s a generous percentage of the revenue we’re collecting from the customer,” he says, adding that will continue for any renewals and subsequent services the customer buys. Online backup starts at US$25 a month, while online storage starts at US$38 a month.
“It’s a matter of trying to make sure there’s minimal friction as the channel starts to adopt these new types of technologies,” says Greene. “They want to make sure no vendor, Symantec or any other, uses SaaS as a way to get around the channel, and that’s certainly not our goal. Our bread and butter is the channel, so we’re trying to find a way for them to adapt to this new type of model with minimal disruption to their business.”
And there’s a big potential market for these services. According to Symantec, 78 per cent of respondents in a recent survey says that availability-related IT risks were of business-critical concern, whereas the previous year the leading area of concern was security-related IT risks.
What this leads to is a broader definition of an incident, says Jennie Grimes, senior director of the Symantec IT Risk Management Program Office. Added to the list of denial-of-service attacks and worms and phishing would be things like being found non-compliant on an internal audit, the loss of a backup tape or the inability to restore a set of information within a certain amount of time on a service-level agreement.
Respondents expect to experience a security-related IT incident about once a month (compared to once a year in the previous survey). “Part of that could be that respondents are using a broader lens by which they define an incident in the first place,” says Grimes. “But there’s a suspicion that it’s also going up because of the increased reliance on IT.”
A more holistic approach
There’s a greater interest in taking a more holistic approach to security from end-users, and resellers can lead those discussions says Ray Gonsalves, director of product marketing with Tech Data Canada. This is more complex in terms of deployment, but offers better ROI in the long-term, as opposed to point solutions that address only aspects of security.But for many organizations, security is still a checkbox, and it’s a checkbox for the 17 different projects they have going on. “Are you looking at the bigger picture?” he asks. “Very often you could be creating problems in other parts of the organization based on what you’re letting in.”
This is a conversation that resellers should be having with their end-users. A great way to start that conversation is around compliance, says Gonsalves, because that’s a hot button for business owners – from breaches in access to data, to data going missing, to data getting into the wrong hands.
One emerging area with growth potential is virtualization as a security tool, as well as security around virtualized environments, says Quin. Vendors are coming out with tools to protect virtual infrastructures, and conversely with virtual tools that provide security. “So it’s a real mixed bag,” he says. “It’s a very new area – a lot of buzz, a lot of talk.”
Consolidation is also a big trend, where security organizations are being snapped up by other security – and non-security – organizations. But in many cases, consolidation can kill off a product line. Symantec recently acquired Vontu, and it’s not likely to kill off its own Symantec Information Foundation, nor is it likely to kill off Vontu.
“At the end of the day you’re going to end up with one product, not two,” he says. “So certainly the channel has got to be aware of these changes and be cautious around who they’re backing.”