It's no use being a bit secure. There's little more point in being mostly secure. After all, if you bolt all your doors and windows except for one, which you leave wide open, are you entitled to any peace of mind?
This is the thinking of an increasing number of end-user organisations looking to protect their systems and data from a range of threats.
Don't talk to us about a bit of security here and a bit there, they are saying. If you're not offering some sort of joined-up strategic approach to the issue, we'll simply take our custom elsewhere.
This isn't great news for resellers that have made a decent sideline in the past few years out of tacking on a firewall, some antivirus software or an intrusion detection device to their basic solution, and pronouncing it secure.
Given that only a handful of resellers can justifiably claim to be security specialists, how is the broad mass of the channel to cope with the need to offer a credible end-to-end security offering?
With security taking so many forms and covering such a span of disciplines and technologies, where do they start?
David Ellis, director of e-security at security distributor Unipalm, said: "You need to be able to present a range of solutions to the customer. But a reseller can't really be expected to be an expert in every area."
One solution is partnership. "You can, and should, outsource elements to third parties," insisted Ellis.
"Unipalm provides a number of services for resellers to pass on to customers, and will gladly go in with them to the customer as a part of their team."
Ellis urged resellers not to see themselves as simply required to supply the largest possible range of solutions. There's a lot to be said, he believes, for a more consultative approach.
"Security is a good door opener," he explained. "The user may well have some security deployed, but the reseller can still offer to come in and test it, to see what other opportunities there might be.
"This exercise will need to be repeated on a regular basis, which helps to build customer loyalty. Security needs never stand still, because companies never stand still."
Whatever the breadth of its offering, the reseller can position itself as the resource that the end-user needs most: one central point of contact to call on in all instances, according to Ellis.
"The one thing you can do as a value-add reseller is be the hub that ties everything together," he said. "And don't forget that you can include in this not just electronic security but physical security aspects as well."
A growing science, and one in which Unipalm is a pioneer, is the security audit: a prime example of security consultancy in action, according to Russ Spooner, pre-sales consultant at the distributor.
But this is not, he warned, simply a matter of going round with a checklist on a clipboard.
"The ability to offer independent security testing is important for resellers looking for credibility," he said.
"But it's also a challenge. Lots of resellers do their own testing, which is frankly not always to a high standard.
"If they give this testing to a third party of some kind, it could be a third party with a vested interest in selling security solutions too.
"If you do this through Unipalm, we can offer testing via the Open Source Security Testing Methodology Manual, which is no threat to the reseller, and is a useful additional service that's also independent."
But not everyone agrees with the basic premise that an end-to-end security offering is what all customers are clamouring for.
Bernie Dodwell, marketing director at security distributor Allasso, said: "It all depends on the customer. An SME, for example, will expect all security in one go. There are a number of products at this end of the market that will do the job."
Dodwell feels that with the upper, blue-chip end of the market more the property of the major management consultancies, it's the middle market that offers the reseller the right balance of margin and feasibility.
"Considering it's unlikely that resellers are going to be asked to provide security for HSBC or Shell, it's the middle bit of the market where the challenge is," he explained.
"And it's the lower end of this middle market where the growth really lies, with lots of companies going online for the first time."
The reseller scanning the security market, and looking for toeholds on the face of a complex escarpment, should remember that the obstacle looks equally daunting from the user's side.
For them, security is a moving target: something they have no time at all to get used to before it shape-shifts into another challenge altogether.
As Harry Gostling, country manager at SonicWall, puts it: "Enterprises constantly face new security challenges.
"At the moment, for example, there are increasing numbers of branch offices and staff accessing the corporate network from home.
"These workers need cost-effective, scalable, enterprise-class internet security and virtual private network [VPN] solutions at the edge that are integrated into the existing corporate security infrastructure."
Resellers that want to be a part of solving this ever-evolving state of crisis need to evolve from their old product- and price-led way of thinking.
If they can manage this, they will find themselves working with customers, and not simply facing them down over the counter, claimed Gostling.
"Resellers must respond by adopting new business models that are not based on competitive pricing and instead focus on increasing and retaining a loyal customer base through services," he said.
"With managed services, resellers can reduce their exposure to price-based competition and increase customer loyalty.
"Managing services such as firewalls, VPNs and antivirus protection transforms the reseller into an indispensable business partner."
There is, of course, a product element to most security sells, but so much the better if that product comes with a little built-in intelligence.
"The latest entry-level firewall systems are equipped with integrated security management capabilities," said Gostling.
"For an outlay of as little as £5,000 a reseller can acquire a comprehensive security management system for up to 25 firewalls that optimises hardware, space and labour resources. Moreover, it will scale to support a rapidly growing customer base."
He insisted that resellers should be thinking about taking advantage of these capabilities to offer ongoing remote management of their customers' firewalls and VPNs.
Configuration, vulnerability scanning, network antivirus enforcement and updates, content filtering, Public Key Infrastructure (PKI) authentication, and detecting and responding to intrusions can all be provided remotely from the same management platform.
SonicWall has just appointed Ideal and its parent company, Bell Microproducts Europe, as distributors of its offering throughout the UK and beyond.
Harry Bhullar, Ideal's technical security manager, pointed out that too many resellers, faced with the need to not simply bundle security with their products but to provide something altogether more wide-ranging and expert, shrink from the challenge.
"Resellers have called us up and asked us to supply a small network for a customer," he said. "We say: 'What about security?' and they say: 'That's nothing to do with us, we've only been asked to provide the basic system.'
"They have basically decided that it is too complex for them and don't realise that it is something they can do."
Bhullar wants to encourage resellers to call upon Ideal to add security value to their solution so that they can, in turn, pass that value on to customers.
"The added-value possibilities of security are more or less endless," he explained. "It's pretty much a continuous educational process. It's also great for repeat business, and for selling the same basic solution into different places.
"I was speaking to one of our resellers recently who has managed to sell a secure laptop-based network into several different police forces."
Resellers which resolutely believe that security is not for them should wake up to the reality that they may have little choice in the matter.
Scott Rivers, product manager at 3Com, believes that security is not merely an issue that runs from one end of an enterprise to another; it's also becoming integrated into other solutions at a fundamental level.
"There are some VARs that focus on security, but most are specialists of a different sort," he said. "What these resellers need to realise is that security is not just a product any more; it is part of every bit of the whole solution.
"Users do not want a load of point solutions; they want security integrated into the solution. They want proper policy-based control that delivers security and measures performance levels as well."
Resellers at the other end of the spectrum - those that have fully absorbed the message about an integrated, end-to-end security offer, and are keen to get out there and sell it - should not go at it like a bull at a gate, according to Gary Clark, vice-president of sales and marketing EMEA at Rainbow Technologies.
"Security is fundamental to any business but resellers must avoid bombarding customers with a multitude of products that do not suit their specific needs," he explained.
"Going back to basics and making security simple is the key to ensuring that customers are provided with solid measures to protect core areas of business such as the network, user authentication and communication via the internet."
Clark suggested that the key is taking each customer one at a time. "Each organisation has its own security challenges, and it's only by assessing individual needs and taking on a more advisory role that resellers will succeed in satisfying customers and increasing revenue streams," he said.
And don't worry: it is not going away. Whatever its complexities, or deceptive simplicities, the market for security solutions is here to stay, unlike many a more faddish gold rush.
Ian Tickle, UK channel manager at Tripwire, predicted: "As long as risks exist, there will always be a need for security, and it will always be a good bet for resellers.
"Ultimately, resellers can maximise their potential when selling security by identifying exactly where the real threats lie."
As threats become more advanced, security solutions must be sophisticated enough to measure up, providing a constantly evolving opportunity for the channel.
But not all resellers will be able to benefit from this renewable source of margin opportunity.
"It is vital to know exactly what is going on in your network to protect it," said Tickle. "Implementing a firewall is no longer enough to protect business, and those resellers offering such traditional solutions will find themselves lagging behind the competition."
SECURITY ACCORDING TO THE MARKET
The security market is attractive to the channel because it is a complex space with considerable opportunities to add value and consultancy.
It involves a range of different technologies - from intrusion detection to encryption, to virus control and VPNs - which means that a complete security package needs to be integrated to best fit a purchaser's needs.
But it is hard for resellers to view such a broad market in manageable pieces. Security vendor Entrust, which provides encryption, access control, application, email and wireless security, advises resellers to try to see security in terms of particular growth markets.
Here are its top three recommendations:
Analysts' reports from both Ovum and IDC predict that public sector IT spending will be one of the first areas where restrictions will lift.
The e-commerce minister has made very public statements about the need for information security, and the European Commission is in the process of setting up a rapid reaction force to counter cyber-crime.
So much of the information that governments handle is confidential that security is a must-have investment.
Wireless local area networks have a number of vulnerabilities and the increasing availability of wireless internet access through public hotspots makes this a more pressing issue.
However, the security risks are not insurmountable and the technology to counter these threats is available, offering a good opportunity for the reseller market. Another topic to consider is security for wide area networks.
Many businesses want to automate their processes and are deploying web services internally. However, if you are hoping to integrate the systems of external suppliers, partners and customers, security becomes more important.
XML has resolved the problem of differing systems, so security is the biggest hang-up for web services.
With so many different methods for authenticating users, from biometrics to passwords and smart cards, you cannot expect an existing web service application to cater for all of these solutions.
The problem is compounded as more companies interact with each other, hence the need for a single platform. Over the coming year this is likely to offer new opportunities to vendors and resellers of security solutions.
Unipalm (01638) 569 600
Allasso (0118) 971 1511
Ideal (020) 8286 5000
SonicWALL (020) 8286 5000
Rainbow (01932) 579 200
Tripwire (01189) 737 397
3Com (01442) 438 000
Entrust (0118) 953 3000
Today saw 14 of the UK IT channel's biggest hitters come together to determine the winners of CRN's WiC awards. But what does being a WiC judge actually involve? Doug Woodburn reports
'Smaller firms may struggle to keep up with Microsoft's innovation with Dynamics' says CEO Stuart Fenton after acquiring assets from Profile Enterprise Solutions
Pete Peterson admits the firm hasn't always been the 'easiest company to do business with'
New chief exec Aaron Painter says 'longer-term strategy' could see firm tackle the Asian market