Seize the middle ground

It is the channel's responsibility to kick-start the security education process among mid-sized customers most in need of its expertise, argues Ian Morris.

Recent surveys show that, although chief information officers are allocating less capital expenditure overall to IT, security remains a priority.

The message seems to be getting across that antivirus software and firewalls simply cannot provide adequate protection for most networks.

This is certainly true of large enterprises, which are most likely to be targeted by hackers. Hence their interest in intrusion detection, public key infrastructure and intrusion prevention.

The channel has been quick to respond to the booming demand for security among large enterprises, as shown by the plethora of specialist resellers and integrators that have emerged in the past few years.

But is the channel doing enough to address the security concerns of medium-sized companies?

All too often, specialist resellers court the blue chips with the biggest security budgets, while smaller resellers and integrators focus on offering low-margin products such as antivirus software and firewalls to smaller companies.

This leaves middle-tier companies out on a limb, unaware of the technologies they need to secure their networks and, more importantly for resellers, representing a huge opportunity gone to waste.

With large businesses deploying the most sophisticated technologies, and smaller businesses escaping hackers' notice, it is medium-sized businesses that in the past two years have suffered the most website security breaches.

Rather than employing a chief security officer, these companies tend to put network security under the remit of an IT director or network manager who often lacks the skills to implement a reliable security strategy.

These companies will turn to resellers and systems integrators for expert advice.

This is good news for the reseller, but even better is the fact that selling security opens up a wide range of consultancy and services that can be offered on top of the product, from vulnerability assessments to fully managed security services.

There are clearly big opportunities here for resellers to sell solutions and also offer real value-add by assuming the role of consultant.

It is time for the channel to stop chasing after the big banks and legal firms, and kick-start the security education process among the mid-sized customers most in need of its expertise.

Ian Morris is the founder of equIP Technology.