Last week, I spoke with Victor Villegas, v.p. of business development and supplier alliances at Santa Clara, Calif.-based data security solutions company Computer Media Technologies (CMT) Inc. We talked about how his data security solutions company managed its relationships with vendors like Symantec Corp., VMware Inc. and NetApp Inc. when they made big moves with acquisitions.

I asked him a lot of questions, including:

• What kinds of challenges do acquisitions present from a certification perspective?
• Where do you need the most assistance from an acquiring or acquired vendor?
• What’s the best way to make sure your support teams get up to speed on potential new technologies?
• For a partner, where can acquisitions go wrong?

Let me know what you think.

That may be surprising since many of these solution providers aren’t necessarily located in Massachusetts. There was a definite sense, however, that the resellers and consultants needed to be aware of compliance regulations, that new laws may spring up in other states, and that their customers will be held accountable.

I asked Richard Mackey, vice president of consulting at SystemExperts, about the current compliance landscape:

• What kinds of laws and requirements should we expect to emerge from individual states?
• How are laws like 201 CMR 17 beginning to impact organizations that never had to worry about regulations like PCI or HIPAA?
• For channel professionals working with customers across different states, how can they position their security practices so that their clients are ready for any emerging regulations?
• What are the technical and risk-based measures that are must-haves, and that appear in laws like 201 CMR 17, and will likely be used to meet other state data protection requirements?
• If organizations already have security programs that address regulations like SOX , HIPAA and PCI DSS, will customers be in good shape regarding the Massachusetts law? What changes may be needed?

Listen to the podcast below, and let me know what you think.

Last week, I spoke with Randy Cochran, vice president of channel sales, about Symantec’s activity: its acquisitions of PGP and GuardianEdge, its step away from consulting and its move toward more partner specializations.

Here’s an excerpt from our interview. As Symantec leaves the consulting business, I asked him if partners will need additional certifications to become consultants.

In this edition of “Patrolling the Channel,” see why the designation of “business associate” has given McDonald additional compliance challenges. The executive VP talks about the technical and non-technical controls being implemented for HIPAA’s sake. He also shares why he thinks solution providers may be behind the curve when it comes to compliance with the healthcare regulation.

Here’s an additional clip from our interview. I asked Chris about what programs are in place to help partners secure their customers’ cloud-based services:

• What qualifies as a “service?”
• Where do you start?
• What ongoing steps need to be taken to maintain a portfolio?

Later we moved on to what kinds of emerging security services will be seen in today’s portfolios, and what services go well together. Desktop management and intrusion detection and prevention, for example, may mesh with a security solution provider’s current offerings.

Finally, make sure you know when it’s time for a particular security service to go.

Jim Reavis, co-founder and executive director of the Cloud Security Alliance, recently sat down with SearchSecurityChannel.com to discuss compliance and the cloud. In this podcast, you’ll hear about the major compliance concerns that every security solution provider should consider, plus what kinds of technologies best address compliance and the cloud, and finally what the future of the cloud holds for compliance.

Listen to this podcast now, and be sure to leave your questions or comments in the section below!

In this edition of Patrolling the Channel, Matt Bossom and Travis Watson of Accuvant discuss the security issues that need to be considered for secure remote access. Find out what technologies work best for secure remote access as well as what telecommuting security services to offer customers.

Listen now to learn how to take advantage of this frightening, but very real potential opportunity. As always, if you have any questions or comments, please feel free to leave them in the comments section below.

In this podcast, Daniel P. Wallace, a Detroit, MI-based information security consultant explains how solution providers can help customers create a social media policy. Such a policy would allow companies to take full advantage of the business benefits of social media, while also keeping their company’s information safe. Listen now to find out how you can take advantage of this opportunity.

In this edition of Patrolling the Channel, Allen Zuk, president and CEO of Sierra Management Consulting LLC, an independent technology consulting firm in New Jersey, talks about how security plays into disaster recovery, and how you can get your company involved in this potentially lucrative revenue opportunity.

Listen to this podcast now: