http://www.itchannelplanet.com/commentary/article.php/3738951/Channel-Is-Key-In-Enterprise-Security-Sales.htm

Back to article

Channel Is Key In Enterprise Security Sales

By ITChannelPlanet.com Staff

April 6, 2008

There are a slew of enterprise security solutions on the market today, and the list keeps growing.The problem is that with so many vendors marketing solutions with similar features and benefits, and often conflicting promises, it can be extremely difficult and time consuming for enterprises – particularly ones with large, multi-platform, international IT operations – to find the best fit. 

This is where resellers, value-added resellers (VARs) and system integrators have an opportunity to demonstrate significant value for their clients.  They are often in an ideal position to help large organizations identify and deploy the security solution that best fits the needs and unique characteristics of their existing IT infrastructures. 

However, even the most diligent and astute reseller is bound to face a challenge sifting through the myriad enterprise security options available today while keeping up with the continual evolution of the technology.  But there is good news.  Potentially great rewards await those resellers who dedicate themselves to understanding the various IT security options, ranging from improved customer service and stronger, long-term relationships to repeat business and new revenue opportunities through professional services

One of the biggest challenges facing security technology practitioners is the constantly changing nature of today’s security threats.  New viruses, phishing schemes, spyware, malware, worms, data loss and theft and other threats turn up as quickly as security experts can develop patches and counter measures. And, several factors make the enterprise particularly vulnerable to these new threats. 

First, the very nature of the enterprise IT infrastructure makes it an attractive, and often easy, target. Many larger enterprises encompass complex networks that include a multitude of operating systems, applications and communications protocols.

Also, a number of organizations still rely heavily on legacy mainframe systems to store vast amounts of sensitive consumer and corporate data. In reality, these mainframe systems were not designed to handle the scope, nature and volume of today’s IP-networked world and the IT security challenges that come with it.

All of these factors put a tremendous burden on the reseller seeking to find the right solutions and add value for his or her client. However, there are a few core guidelines that can make this process easier.

At the end of the day, resellers need to ensure that their clients deploy, at a minimum, a comprehensive security solution to protect all aspects of the enterprise infrastructure. To this end, some key factors they need to consider include:

 

End-to-end communications security – The end-to-end approach is key for today’s enterprises.  This includes securing all files and data transmissions from the source to the destination, not just within the perimeter or from firewall to firewall.  This approach secures all data from application server-to-user, or from any combination of two secure endpoints exchanging information throughout the enterprise internal network and through the Internet between systems at different physical sites.

Multi-platform support – Resellers need to make sure that the enterprise security solution they recommend is capable of integrating data communications across heterogeneous IT environments, including Windows, UNIX, Linux, and IBM mainframe systems. 

Robust encryption – It is important to encrypt all data and file transmissions across the multi-site, diverse platform enterprise network.  This requires a new class of nimble, yet powerful technologies to accommodate the broad range of system platforms, as well as new and rapidly evolving applications.

Secure remote access – Since remote PCs, laptops, PDAs, and smart phones often have access to core enterprise data, they must be treated in the same way as systems located on the enterprise LAN.  Enterprise security must include encryption and authentication techniques for all devices that may allow users to access the internal network. 
Automated management capabilities – Monitoring and maintaining large enterprise security systems can be very time consuming for IT managers. This can often lead to delays in deploying critical security patches as new vulnerabilities are uncovered.  Therefore, it is important for the reseller to look for solutions offering some type of efficient, easy-to-use management capabilities.  For example, some vendors offer automated security platforms that enable management from a central location.  This type of system not only minimizes the time required to maintain the security system by an order of magnitude, but it also reduces overhead costs and the potential for human error.

Government regulations and industry standards – Existing and emerging privacy, security, auditing, and risk management regulations and standards, such as Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), and the Federal Information Security Management Act (FISMA), are increasingly required for enterprises of all types.  Resellers must be familiar with these and the other regulations governing their clients’ businesses, and make sure that the recommended security solutions include support for the latest standards and specifications.

 

Improved client service is only one of the benefits for the reseller who expands his or her knowledge of the enterprise IT security landscape. Revenue generation through new or additional professional services offerings is another benefit.

For those integrators and VARs that offer supplemental professional services as part of their businesses, they will find that reselling enterprise security opens up the possibility for new streams of ongoing revenue. From integration, customization and consulting services, to comprehensive IT staff training, the opportunities can be virtually endless. 

While some client IT personnel will need a minimum level of support, others will require an in-depth ongoing commitment – particularly given that the IT security landscape changes so frequently, security threats constantly evolve, and government regulations and industry standards are subject to change over time. 

In addition, resellers may find that the enterprise infrastructure expands following the initial deployment, which will require added IT security product and service support.

As one of the driving forces in the enterprise security market, resellers are frequently the main point of contact for enterprise IT purchasing decision makers.With relationships built over time, based on past successes, the reseller can be in an ideal position to help enterprise customers effectively meet the IT security challenges ahead.

However, as in many business situations, knowledge is key. For the reseller, understanding today’s security landscape is job one. By utilizing vendors’ skilled knowledge and research, as well as going the extra mile to enhance the services they already provide, resellers can dramatically improve the level of guidance and support for their customers.