Chicken, Egg or Omelette?

Just how distinct are security and compliance from each other?

Written by Jonathan Mepstead

CRN, 25 Feb 2008

Let us be honest, you do not refuse to drive 110mph on the motorway just because you have a fear of crashing; that consideration does not register anywhere near as highly as being pulled over, fined £500 and having nine points put on your license. In the same way, it’s not just fear that drives customers to seek protection for their applications and networks. Yes, they demand solutions that keep any bad stuff out and all the good stuff in, but what are they really concerned by? I would be inclined to wager that the desire to meet regulatory compliance is at least as strong as the need for security.

It is time more resellers understood that achieving IT security accomplishes little more than personal satisfaction for your clients if they cannot prove it to their external auditors. Trends have turned 180 degrees. It’s as if compliance earns more brownie points that IT security. An IT manager that achieves his 1000th successive day of suffering no intrusions will hardly be thrown a tickertape parade on his way out of the office. But if his actions put a tick in the right box on a compliance matter, then the chief executive might become his personal friend, take him out to lunch, laugh at his jokes…

Security and compliance are completely distinct, or are they? If security is the driver, then compliance will end up rearing its head. On the flipside, if compliance auditing seeks visibility and ends up highlighting a lack of security control then – hey presto - a security project with an available budget and an urgent timescale will likely arise. Is this one of those ‘chicken and egg’ situations, or could it be an omelette?

Now that compliance and security seem inexorably linked, the benefits of one solution over another are no longer just how much it can save your customers’ time, and your customers’ money. Now it’s about saving your customers’ neck.

The real question is, how can security and compliance work together without processes and resources being replicated? Since separation of duties and audit independence are also important issues, when should they be kept apart?

Resellers need to demystify the convergence of security and compliance, and explore winning strategies that will enable them capitalise on a market worth hundreds of millions of pounds. Every vendor touts a wordy datasheet or two about the role their technology plays in meeting PCI, Basel II and MiFiD etc., though little of it makes this challenge any easier. Instead, what will be critical to resellers are solutions that address security and compliance on a unified front and that simplify the issue in the minds of customers, whatever their priorities.

Jonathan Mepsted is managing director EMEA at Imperva

  • Have your say
  • Send to a friend
  • Share
  • Print

See also:

reader comments

related articles

latest news

Lenovo targets HP partner base

Vendor looks to expand reach and looks to rivals' channels to achieve its aims 03 Jul 2009

VMware rakes in 700 service provider partners

Virtualisation giant claims VSPP programme has gained significant traction in short space of time 03 Jul 2009

Compellent hits out at debate snub

Storage vendor writes open letter to prime minister in protest at being left out of £1bn stimulus debate 03 Jul 2009

More news

poll

Feeling secure?

Feeling secure?

Is offering standalone security still a viable business model?

View poll results

boxing ring

CRN Fight Night 2009 bouts now LIVE!

It is time to relive the craziness that was CRN Fight Night 2009

Eddie Pacey and Nitin Joshi

In The Studio with CRN: Credit in the Channel

CRN Editor Sara Yirrell chats to two of the industry's credit stalwarts - Nitin Joshi and Eddie Pacey

More CRN TV

events

East Sussex golf resort and spa

CRN Golf Challenge 2009

Join us for the premier golf event in the channel calendar

CRN Channel Conference 2009 logo

CRN Channel Conference 2009

A one-day conference dedicated to the needs of businesses in the UK technology channel

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

White papers

Search white papers

Top categories

Primary Navigation