IPv6 has been around for years, but has risen to the top of many enterprises IT agendas recently as experts predict the Internet Protocol address space under IPv4 could run out in a matter of months. Even though its proponents claim IPv6 offers improved security, experienced network security guidance is needed to reap the benefits, and to avoid falling victim to the IPv6 security holes that exist in some early IPv6-compatible products.
In this edition of SearchSecurityChannel.com’s Patrolling the Channel podcast, Guy Snyder, ICSA Labs Secure Communications Program Manager, discusses when IPv4 addresses may run out, what the government is doing to foster IPv6 adoption and where the security-related IPv6 opportunities are for security solution providers.
In this edition of Patrolling the Channel, Check Point v.p. Amnon Bar-Lev sat down with me and SearchSecurity.com News Editor Robert Westervelt. We talked about CheckPoint’s PureAdvantage program and where his partners need the most assistance.
If you’re not careful, communication between you and your vendors can turn into a bad game of telephone. Listen below as Bar-Lev talks about how he communicates his channel strategy to his partner reps.
Given the various mergers and acquisitions that occur in the information security industry, I thought it’d be interesting to see how the M&A activity affects a partner.
Last week, I spoke with Victor Villegas, v.p. of business development and supplier alliances at Santa Clara, Calif.-based data security solutions company Computer Media Technologies (CMT) Inc. We talked about how his data security solutions company managed its relationships with vendors like Symantec Corp., VMware Inc. and NetApp Inc. when they made big moves with acquisitions.
I asked him a lot of questions, including:
- What kinds of challenges do acquisitions present from a certification perspective?
- Where do you need the most assistance from an acquiring or acquired vendor?
- What’s the best way to make sure your support teams get up to speed on potential new technologies?
- For a partner, where can acquisitions go wrong?
Let me know what you think.
I recently had a meeting with some security channel professionals, and as we were reviewing trends, the group began to express some interest in the state data protection law in Massachusetts: 201 CMR 17.
That may be surprising since many of these solution providers aren’t necessarily located in Massachusetts. There was a definite sense, however, that the resellers and consultants needed to be aware of compliance regulations, that new laws may spring up in other states, and that their customers will be held accountable.
I asked Richard Mackey, vice president of consulting at SystemExperts, about the current compliance landscape:
- What kinds of laws and requirements should we expect to emerge from individual states?
- How are laws like 201 CMR 17 beginning to impact organizations that never had to worry about regulations like PCI or HIPAA?
- For channel professionals working with customers across different states, how can they position their security practices so that their clients are ready for any emerging regulations?
- What are the technical and risk-based measures that are must-haves, and that appear in laws like 201 CMR 17, and will likely be used to meet other state data protection requirements?
- If organizations already have security programs that address regulations like SOX , HIPAA and PCI DSS, will customers be in good shape regarding the Massachusetts law? What changes may be needed?
Listen to the podcast below, and let me know what you think.
Symantec has had plenty of news recently, including yesterday’s report that the company is set to buy Verisign.
Last week, I spoke with Randy Cochran, vice president of channel sales, about Symantec’s activity: its acquisitions of PGP and GuardianEdge, its step away from consulting and its move toward more partner specializations.
Here’s an excerpt from our interview. As Symantec leaves the consulting business, I asked him if partners will need additional certifications to become consultants.
Kevin McDonald is executive vice president and director of compliance practices at Alvaka Networks, an Irvine, Calif.-based network, security and managed services consulting firm that is both a solution provider and a “business associate” according to HIPAA regulations.
In this edition of “Patrolling the Channel,” see why the designation of “business associate” has given McDonald additional compliance challenges. The executive VP talks about the technical and non-technical controls being implemented for HIPAA’s sake. He also shares why he thinks solution providers may be behind the curve when it comes to compliance with the healthcare regulation.
I recently spoke with Chris Doggett, vice president of global channels at Sophos Inc., about certifications, managed services, new announcements and the basics of the Sophos channel program.
Here’s an additional clip from our interview. I asked Chris about what programs are in place to help partners secure their customers’ cloud-based services:
In this month’s Patrolling the Channel podcast, I talked to Michael Disabato, vice president and service director for Burton Group network and telecom strategies. First we discussed the basics of a service portfolio:
- What qualifies as a “service?”
- Where do you start?
- What ongoing steps need to be taken to maintain a portfolio?
Later we moved on to what kinds of emerging security services will be seen in today’s portfolios, and what services go well together. Desktop management and intrusion detection and prevention, for example, may mesh with a security solution provider’s current offerings.
Finally, make sure you know when it’s time for a particular security service to go.
I meet with an advisory board regularly, in an effort to understand security channel professionals’ challenges and specific needs. Last month, one concern from the panel was the lack of audit papers and checklists for cloud computing security implementations.
In this month’s Patrolling the Channel podcast, we spoke to Beth Cohen, president of Luth Computing Specialists, Inc. and contributor to Cloud Security Alliance guidelines. Cohen reviews common customer pain points and lays out the security priorities in four groups:
Listen to this podcast, and let me know what you think. What else should be a cloud computing security priority? What other specific challenges are your customers having?
In this month’s Patrolling the Channel podcast, we spoke to Kent Knudsen of K2Share, a provider of technology-based business solutions.
We discussed the following questions:
- How did the security channel fare in 2009?
- Are customers still scaling back on non-essential upgrades? Will we see more of that in 2010?
- How will SaaS, virtualized data centers, and the convergence of physical and logical security lead to opportunities in 2010?
- What other technologies will enable customers to do more with less?
Listen to this podcast, and let me know below about other security technologies that you think will offer big opportunities for the channel this year.