PAM vendor Osirium overhauls channel as UK demand increases
Osirium partners with Distology and begins hunt for UK resellers
While the number of shiny, innovative cybersecurity vendors coming out of Silicon Valley and Israel is well documented, one UK-based privileged access management (PAM) vendor has been quietly waiting in the wings for UK businesses to catch up with the technology.
Based just outside of Reading, Osirium was founded in 2008 by a team of ex-Integralis management including former Integralis sales and marketing director David Guyatt, who is Osirium CEO.
The vendor launched its IPO on the London Stock Exchange's AIM market somewhat under the radar last year, raising £8.8m at admission. It currently has a market capitalisation of £11.95m.
Channel strategy
PAM is the concept of monitoring and controlling what users with high-level authorisation can do in a computer system.
The concept is not especially new, but Osirium claims that it is now starting to see demand from firms in the UK, which is resulting in the channel starting to access which PAM vendor to partner with.
With this in mind Osirium has overhauled its partner programme and strategy, and has partnered with Distology - a distributor with a specific focus on growing the channels of emerging vendors looking to conquer the UK market.
Sales director Tim Ager joined the vendor last month to head up the channel restructuring and told CRN that, while Osirium has always had a "working relationship" with the channel - particularly larger systems integrators - the decision was made last year to make a complete commitment to the channel and stamp out all direct business.
"It is not an aim [to go 100 per cent channel], it is an existing commitment," he said. "I joined the company on 3 January, on 4 January we appointed Distology and on 5 January we launched the partner programme so all of our business will be fulfilled by a traditional two-tier channel model with Distology being our distributor."
Ager explained that Osirium's offering should be considered by traditional resellers looking to branch out into services, and consultancies who might not necessarily sell Osirium's products directly but can include it in a wider services offering.
He said he is looking to recruit around 20 partners to the new programme in the first half of this year.
Security reseller Cygnia has revived its business with Osirium this year, having previously had a relationship with the vendor a few years ago.
Matt Locker, sales and marketing manager at Cygnia, said a combination of impressive appointments at Osirium along with growing market demand letdto the reformed partnership.
"We were engaged with them quite a long time ago and probably the timing wasn't right then for us and PAM," he said.
"We've just recently reignited with them this year so it's a new vendor in 2017 and two big parts are a couple of known quantities. Tim Ager has moved over to Osirium and we know Tim - he's a good guy in terms of looking after the channel - and they have signed Distology which is one of the distributors that we work with.
"What we see with new vendors is they can be around for a while, but it is waiting for that message to get through to end users and for those end users to realise they have a problem.
"Perhaps GDPR is something else that is driving it. For organisations it's about making sure that they have secure passwords and they've not left back doors open for contractors and other people to come in which is where this type of solution would fit in."
Distology
Osirium recently partnered with Distology as its sole distributor, with a focus on growing the partner base on its new partner programme.
Ager said the appointment of Distology may be considered quite unusual by some - with Distology typically focusing on younger vendors looking to make a name of themselves in the UK - but said that the rapid increase in interest in the PAM space has given Osirium the feel of a start-up.
"On paper it seems like a bit of a mismatch but actually for me it's a match made in heaven for a couple of reasons," he said. "PAM has historically been one or two large vendors that were doing it and did it successfully, but actually the rest of the market has caught up.
"Distology for me are what I would class as an absolute proper value-added distributor. They are not a fulfilment channel for us, they are not sitting there processing orders at five per cent, they are helping us to drive meaningful channel relationships based on a very clear strategy which is hopefully going to minimise competition and maximise reseller profit margins.
Hayley Roberts, managing director at Distology, said the distributor started to think about a PAM solution last year, when a number of its reseller partners started to ask questions about the technology.
"We're seeing a lot of our resellers ask about privileged access in the past year and at the time we were thinking ‘we haven't really got anything', but we were starting to see it because they were starting to have their customers ask about it - so this comes hand in hand with some of the identity issues that companies are facing," she said.
"Who is checking the guys that we give rights to? Who is checking the senior guys and who is checking the senior users?
"It's trying to work with solutions that will bring [those answers] to the table and I think Osirium have got a cracking solution in terms of the technology but the market perhaps wasn't quite ready for it. Now it seems to be waking up and without us doing a massive amount we have a lot of partners very interested in working for them and they like the fact that they are a UK company as well."
What the analysts say
Felix Gaehtgens, analyst at Gartner, explained that the UK, Europe and the Middle East is behind the US in terms of adopting PAM solutions.
He said that in the US enterprise adoption is well under way, with mid-market companies now starting to enquire, driven by the number of high-profile hacks on large corporations.
"Home Depot, Sony, Target - you hear about these hacks and the lack of management of privilege was a major contributor to these issues," he said.
"You can have a tank and barbed wire outside your building and put a guard there, but if you leave your back door unlocked or the window at the back open then what sense does it make?
"Many organisations have been very much clamping down on controlling access by regular users and they haven't really done the same level of job protecting privileged access.
"Privileged access very often by-passes regular security controls because you're logging in as the administrator or a super-user and if you don't control that really tightly then the risk is potential much higher."