Managing security services in a recession
Resellers need to overcome their fears and embrace managed services more than ever, says Dave Abraham
Abraham: Secure your future with managed services
There is a general view that investment in IT security will hold up. That is good news for security resellers. In fact, most organisations accept that they need to be more vigilant to avoid exposure to increased attacks and exploitation.
Add to this the growing burden of compliance and legislation and it is difficult to see how budgets can be reduced without compromising security.
Having said all that, resellers cannot simply rely on selling more products or systems. IT directors will find it increasingly difficult to get security spending plans that require significant up-front investment signed off.
But there is another way for resellers to turn a problem into an opportunity: hosted or managed services.
For resellers, the regular, ongoing revenue stream and the chance to stay close to the customer are compelling in themselves. With minimum installation and deployment costs and fixed monthly fees that can be scaled according to requirements, a managed service makes it possible for resellers to deliver better security and protection without imposing the up-front pain.
For end users, a properly managed service eliminates the need to employ specialist in-house skills, and frees up staff to focus on core business challenges.
However, using managed services means customers are putting their trust and reputation in the hands of the service provider.
If something goes wrong, the buck may well stop with them. Although many end user organisations have embraced hosted software, outsourcing security in particular can worry the boardroom.
Managed Security Service Providers (MSSP) have to provide the highest levels of security, reliability and control. It is now possible to put together a complete security solution combining well-proven managed services from different providers.
For example, you can take web and email filtering and email archiving from Webroute or Messagelabs, intrusion detection and vulnerability testing from Qualys, or laptop disk encryption from AlertSec.
Today, a new services channel model is emerging; one that accepts that the integrator is central to delivering integrated managed services to the mass mid-market.
The shift is away from traditional system integrators that deliver solutions built from hardware and software products, to service integrators that integrate a complete suite of in-house and third- party services and offer end users a complete, fully managed service-based solution.
As a result, many systems integrators such as 2e2, Serco and DataConnect are increasingly becoming service integrators that can concentrate on meeting customer needs while relying on the MSSP to build and deliver reliable and secure, non-stop 24x7 services.
In the case of delivering a two-factor authentication managed service, this means not simply running the service infrastructure but also providing all the automated, 24x7 policy-based procedures, logistics and support that are essential to keep remote users happy and the customer satisfied and secure.
There will always be customers who want to do it themselves. But for those who see the true benefits of outsourcing specific security functions to specialist providers, there is a real opportunity for resellers to deliver managed solutions.
And with no immediate end to the lack of credit facing many businesses, managed services help companies that realise they simply cannot afford to compromise on security.
Dave Abraham is chief executive officer at Signify