SearchITChannel’s 2017 technology outlook article identified a number of cybersecurity trends affecting channel companies.
Among those developments are an anticipated rise in security operations center automation, the adoption of machine learning as a security technology and greater customer interest in integrated security suites.
SecurityScorecard, a cloud-based security rating platform provider, this week launched its first channel program.
The new program aims to help value-added resellers (VARs) offer continuous security rating services in what the company believes is an emerging market. Using the company’s platform, VARs can assess and monitor their customers’ security postures, assigning grades to the organizations based on their risks and vulnerabilities. Importantly, the platform assesses the security risks of customers’ third-party vendors.
“[The platform’s] primary use case, from a sales and value-added reseller perspective, is focused on enabling companies … to have visibility into the security posture of their third-party vendors, consultants and suppliers,” said Michael Rogers, vice president of strategic alliances and channels at SecurityScorecard, headquartered in New York.
Rogers added that VARs can potentially use SecurityScorecard ratings to identify opportunities for bolstering customers’ security capabilities. This, as a result, opens the door to providing professional services and cross-selling security-related products.
SecurityScorecard’s channel program offers access to deal registration, qualified sales leads, sales and technical training, co-marketing funds, and joint business planning. Additionally, partners can also connect with white hat hackers for guidance on designing product sets, the company said.
The program right now is by invitation only, Rogers said. “My feeling has always been, ‘Let’s go with the right ecosystem with the right partners.” Current partners include Gotham Technology Group, Optiv Security, GuidePoint Security, Bayside Solutions and Sycomp.
Gotham Technology’s use cases
First, the platform helps Gotham’s highly regulated customers audit their subcontractors, he said. These customers typically send their subcontractors multipage questionnaires and spreadsheets, allowing subcontractors to perform a self-evaluation of their security capabilities. “They’re spending a lot of time and energy trying to evaluate the efficacy of the security programs within the subcontractors,” Phelan said. “I think [the SecurityScorecard platform] is a great way of approaching that.”
Phelan said he also sees the SecurityScorecard platform helping customers who need to communicate their security postures to board members. The platform’s ability to continuously monitor an organization’s security health can offer critical insight. “Having a running metric of what we look like on a day-to-day basis is a really valuable thing for customers to … [understand] where they [stand] from a security perspective and how it changes every day.”
While Phelan sees Gotham’s partnership with SecurityScorecard as a promising opportunity for 2017, he said he hopes the vendor will develop more of a managed services play around its offerings.
Citrix Summit 2017 kicks off today in Anaheim, Calif. Here’s what channel partners can expect the company to emphasize at this year’s meeting:
Craig Stilwell, vice president, worldwide partner strategy and sales at Citrix, said 2017 will be the year when the company “walks in the cloud.” The company, he said, began to crawl in the cloud in 2016 and looks forward to running full force in the cloud in 2018.
This year, Citrix will focus on talking to partners about how to make the cloud transition, providing technical enablement as well as coaching on positioning and sales motions around the cloud, Stilwell said. And, of course, there will be discussions on how to make money in the cloud. Indeed, the Citrix Summit 2017 opening keynote outlined three ways for partners to make money in the cloud: transactions for new cloud licenses, services (installation, configuration and managed services) and renewals (partners sell Citrix Cloud packages in a per-user, per-year subscription model).
As for the latter, Stilwell said he plans to design a renewal program for partners. He noted that once a customer makes a cloud purchase, the channel will play a key role in making sure usage is high and customers are satisfied. He said his goal it to have the renewal program figured out by the Citrix Synergy conference, which will take place in May in Orlando.
Other partner go-to-market priorities outlined at Citrix Summit 2017 include:
Secure deals for Citrix Workspace Suite
Stilwell said the objective is for Citrix sales personnel and channel partners to lead with Citrix Workspace Suite, a set of Citrix products for delivering secure access to desktops, data, applications and services.
Win with networking
Specifically, the Citrix game plan is to attach NetScaler and SD-WAN technology to every Workspace Suite, XenApp and XenDesktop deal. He said SD-WAN sales benefit from a close association with desktop virtualization and application virtualization user experience.
“We find the most uptake on SD-WAN … where resilience and uptime are of primary importance to the end user customer,” Stilwell said.
Win together with Microsoft
Stilwell said Citrix is asking its channel companies to become better Microsoft partners and focus on key use cases such as Skype for Business, Windows 10 virtual desktop infrastructure and NetScaler for Azure.
Citrix Summit 2017 will run through Wednesday, Jan. 11.
As channel partners mull over business moves for the upcoming year, many executives may consider IoT as a potential play — and for good reason.
“There is so much demand for IoT within SMBs [small and midsized businesses],” said Anurag Agrawal, CEO and analyst at Techaisle, a market research firm that closely follows the SMB market. Techaisle expects nearly three-fourths of midmarket businesses to adopt some form of an IoT initiative in the next year. At least one third of small businesses, which Techaisle defines as having one to 100 employees, will launch one or more IoT initiatives within their organizations.
“There are many different benefits of IoT that the SMBs are starting to see, and they’re starting to embrace it,” he said.
That’s not necessarily the channel’s fault. For example, many firms continue to grapple with cloud computing, mobility and security, making IoT an impractical next step. Additionally, traditional vendors experimenting with IoT products opt to sell direct to customers. “[Vendors] are all experimenting, and the best experiment is to sell it themselves,” he said. “That, in turn, drives channel partners to say, ‘How do I learn by myself?’ They don’t have enough time to be able to do it.”
First steps to the IoT opportunity
The first step involves what partners “already know how to do today” — selling and installing hardware. Selling and installing sensors and data-collecting devices is a practical way to get started.
From there, partners can move up to managed services, proactively managing and monitoring their customers’ sensors and devices. “I think this could be a potential sweet spot for MSPs that start investing in that area today,” April said.
Partners can then harness and analyze the data collected from customers’ devices and advise customers on running their businesses. “That is really the cream of the crop right there,” she said, but added that the channel is “a ways off from this.” Only a segment of the channel will acquire this type of expertise, she said.
Charles Weaver, CEO of MSPAlliance, suggested MSPs may play a more vital role in IoT when security issues begin to emerge. “I think that IoT is going to be a major … problem-solver and then it’s going to be a major problem — in that order,” he said. He said we will likely see massive adoption, followed by breaches and attacks that will bring greater attention to IoT security.
But Weaver also noted that MSPs should start to explore the IoT opportunity. RMM tools in the market today can handle the task of monitoring IoT devices, he said. “If it’s connected to the internet, generally speaking, I think it can be monitored. If I was an MSP, I would be definitely looking at that for the future.”
Microsoft said it has some 20,000 partners selling cloud through the company’s Cloud Solution Provider program.
Now, Microsoft wants to get more partner personnel up to speed on cloud technology. In a briefing this week, Gavriella Schuster, corporate vice president of Microsoft’s Worldwide Partner Group, unveiled free Azure training. Schuster, citing a shortage of technology professionals with the skills to capitalize on the cloud opportunity, said six Azure training modules are available at no cost today and six more will be added in the next few weeks. Continued »
Aruba Networks, a networking vendor and Hewlett Packard Enterprise company, unveiled an expanded portfolio aimed at supporting IoT initiatives at the HPE Discover Conference in London today.
The new products, which include Aruba ClearPass Universal Profiler and the “IoT-ready” 2540 Switch Series, will play into HPE’s overall IoT strategy, Aruba said, while opening up partner opportunities in the IoT market.
The Universal Profiler, also a feature of Aruba’s ClearPass platform, automatically discovers and “fingerprints” IP-enabled managed, unmanaged and IoT devices on multi-vendor wired and wireless networks, according to the vendor.
Partners can use the tool to provide visibility into the number of devices connected to their customers’ networks, as well as the types of devices, operating systems, statuses and locations. The information can then help fine-tune performance and security across infrastructure components, Aruba said. Additionally, the information can be shared with ClearPass Exchange partners, which provide security and operations features such as user behavior analytics, deception intelligence and firewall security that integrate with Aruba’s ClearPass Policy Manager.
Christian Gilby, director of product marketing at Aruba, said the Universal Profiler “simplifies and lowers the barrier for our partners to get this [information] into customers’ hands and understand what’s on their networks.” He noted the tool is also a vehicle for up-selling customers to ClearPass Policy Manager.
Small organizations are a good candidate for the Profiler, as larger organizations will generally adopt ClearPass Policy Manager, added Trent Fiero, Aruba’s director of security marketing.
According to Optiv, a security solution provider based in Denver, Aruba’s decision to offer the Universal Profiler as a standalone product, separate from the from the ClearPass platform, was a smart move. “I think it will allow [Aruba to] get into customers a little bit easier and allow people to grow organically and naturally over time” because they can pay only for what they need, said Charlie Koehler, Optiv’s Aruba enterprise architect. He added he thinks the separation will allow Aruba to put the Profiler in the cloud, making it even more accessible to customers.
Koehler said that Optiv recently used ClearPass to do device segmentation and profiling within healthcare telemetry environments. Apart from healthcare, he added education and retail are poised to be strong vertical opportunities for Aruba IoT technology.
The Universal Profiler will be available in the first quarter of calendar year 2017, with pricing starting at $150 for profiling up to 100 devices, Aruba said.
In addition to the Profiler, Aruba launched its “IoT-ready” 2540 Switch Series, which “fills out” the Aruba’s switch portfolio, Gilby said, allowing the HPE Aruba partner community “to build a solution across large campuses as well as distributed enterprises.” The switches offer user- and port-based wired traffic tunneling to an Aruba Mobility Controller so an organization can apply policies, extend advanced services and encrypt traffic to secure the LAN.
The 2540 Switch Series is available now with pricing beginning at $2,589.
The vendor today also rolled out enhancements to ArubaOS-Switch, which works together with the 2540 switches to support unified role-based access across wireless and wired networks with capabilities for identifying and assigning roles to connected IoT devices.
To get an idea of where channel trends may be heading next year, take a look at where distributors are investing and hiring today.
Ingram Micro Inc., for example, is putting time and money into training programs. The company this week obtained Authorized Learning Partner status from Cisco. That designation means Ingram Micro can deliver Cisco Authorized Training as part of the networking vendor’s Global Learning Partner Organization.
According to Cisco, Learning Partners are authorized to educate and train other partners within the company’s partner ecosystem, focusing on “Cisco products, technologies, architectures and solutions.”
Ingram Micro‘s training investment is part of a broader trend. Distributors are diversifying, cultivating a range of services in addition to their traditional role in product fulfillment. According to the Global Technology Distribution Council, distributors, as a group, now offer more than three dozen service lines — including education and training. Continued »
Most organizations have developed cyber security measures for battling today’s mounting threats, yet many admit their businesses remain seriously at risk.
That’s according to new research published last week by NetEnrich, an IT infrastructure and operations management services provider. NetEnrich collected data for its study in October, polling 150 IT professionals on their companies’ cyber security measures for handling potential strikes. While the study revealed 82% of the companies have a plan for handling attacks, about a third of the surveyed respondents noted critical vulnerabilities in their hardware and software systems.
“I always say, ‘Security is not a sprint; it is a marathon,'” said Vikram Chabra, solution architect at NetEnrich, based in San Jose, Calif.
Although NetEnrich found that cybersecurity readiness plans were prevalent among respondents, the objectives of these plans varied. Half of the respondents said attack prevention was the main goal of the plan, while the other half cited a mixture of recovery of loss from attacks, organizational response to attacks and business continuity throughout attacks.
The research findings also highlighted that companies are trying to safeguard their organizations against multiple threat sources. The most likely instigators of cyberattacks were employees, rogue or otherwise, according to 53% of respondents. Additionally, 18% cited non-employees working as part of a “group” as a likely source of cyberattacks, while 15% pointed to non-employees working alone. Four percent indicated state-sponsored organizations as potential threats.
In addition, more than 40% of respondents said they have been victims of a cyberattack, a finding that Chabra said stood out.
The causes behind these breaches were wide-ranging. The top three causes that respondents indicated were stolen or weak passwords, cited by 26%; followed by testing and monitoring systems failure (21%) and advanced persistent threats (15%). Respondents also attributed breaches to employee error, cited by 14%, and lost equipment such as laptops and mobile devices, by 7%.
When NetEnrich asked respondents if the attacks could have been avoided, respondents identified a few different measures they would have taken. Forty-three percent said a better cyber security policy would have thwarted the attack, while 37% cited better tools and methods for testing and monitoring. Twenty-one percent believed they could have prevented the attacks if they had better communicated security policies to their employees.
One of the drivers compelling organizations to adopt cyber security measures, the study suggested, may be the high costs of falling victim to cybercrime. The majority of the survey-takers said the average cost of a breach today is between $50,000 and $100,000.
Other findings of the NetEnrich study included that 66% of organizations contract with third-party consultants or managed security service providers to develop or implement security plans. Sixty-nine percent said the services were “very helpful.”
Chabra noted that companies may have some cyber security measures for managing attacks but many aren’t thinking beyond prevention. Companies should increasingly focus on continual monitoring and detection, he said.
Additionally, he advised that all channel partners, whether value-added resellers or IT service providers, ensure they include security capabilities in all their offerings.
The rise of software turned out to be a key theme at last week’s Cisco Partner Summit 2016.
Indeed, software is at the center of Cisco’s push to virtualize traditionally hardware-based functions and provide more complete offerings through its channel partners. Offerings such as the Cisco ONE Software licensing program bundle a range of capabilities that customers can switch on as needed. Channel partners can consult with customers on Cisco ONE’s software components and deployment. Other Cisco software moves include cultivating relationships with ISVs and encouraging developers through its DevNet program. Coverage of those developments is available here.
But that’s not the entirety of Cisco’s software gambit. Antone Gonsalves, news director for TechTarget’s Networking Media Group, covered a different software angle in his Cisco Partner Summit coverage: network automation tools. The article, Cisco pledges a quicker rollout of network automation tools, discusses Cisco’s bid to have software absorb the day-to-day networking chores that many companies currently undertake manually on hardware. Continued »
Cisco is changing up its professional services delivery, a move company executives said will give partners more selling options and lessen the potential for channel conflict.
The company’s Cisco Services organization provides a range of offerings, including optimization, advisory and support services. Cisco partners can sell those services to their end customers.
Joe Cozzolino was named senior vice president of services in June 2015 and has been restructuring the group since then. “There’s been a lot of work [and] lots of changes,” he told attendees at Cisco Partner Summit 2016.
Those changes include an updated roster of optimization services. To wit, Cisco has built upon its well-established network optimization services to now include security, data center and collaboration optimization services. That expansion puts more items “in the bag for everyone to sell,” Cozzolino said.
In another expansion, Cisco has increased the number of solution support SKUs offered via Cisco Services from 12 to 22.
But while Cisco adds services, it is has also decided what service businesses it doesn’t want to pursue. Cozzolino said a decision was made about a year ago to not participate in the business process consulting space and emphasize technical advisory services instead.
Overall, Cisco Services has modified its approach to professional services and will refrain from “going everywhere” with its services, Cozzolino added.
“My goal is not to be a systems integrator or a large managed service provider,” he said.
Instead, Cisco Services will focus on providing specialized capabilities around its architecture, while looking to scale through its channel partners.
And to keep everyone on the same partnering page, Cisco is in the process of updating its partner engagement policy for its sales force. Cisco officials suggested that’s a timely step, given the integration of Cisco service and product sales in the field.
“This is really to educate our sellers on those policies and give a clear governance path,” said Wendy Bahr, senior vice president of Cisco’s Global Partner Organization.
The revised partner engagement policy will be out by the end of November, Bahr said.