When it comes to locking down your customers’ networks and critical data, the end goal is to prevent any intrusions or information loss. Obviously, with all the nefarious characters wreaking havoc on the Internet and sharing ideas on how to penetrate the various security measures that businesses (and individuals) employ, that’s objective is getting harder to accomplish. For every new threat prevention method, the bad guys seem to create multiple ways to get around them. It’s more than a game to them, it’s a mission.
Practically every process and technology employed in the average business exposes it to some sort of vulnerability, from the collection of customer contact information to accessing the companies systems from a remote location. Just a single change in an organization’s policies (such as its record retention periods) or revision to its network protection could negatively affect their ability to meet certain industry or statutory compliance requirements. Many small businesses don’t have either the knowledge or ability to deal with those issues, and often struggle to implement the appropriate security procedures to minimize their exposure and related liabilities. That challenge, while formidable, creates a number of business opportunities for an appropriately prepared solution provider.
Though security is such a vital part of every business, VARs and MSPs have to balance protection measures with their clients’ multifaceted operational needs. The old method of locking down the data system doesn’t work in today’s mobile society, as companies shift their workforce to remote locations and open their infrastructure to allow greater collaboration. While BYOD and cloud services create new operations efficiencies for small businesses, each creates a new layer of vulnerabilities that have to be addressed. Either the organization has to hire or train their IT department to support these new technologies and their related security measures, or contract with a solution provider with those advanced skills.
Training Options
How can IT channel businesses get the training, knowledge, and tools they need to build a formidable security practice? Several options are available to meet the varying needs of VARs, MSPs and other industry contributors, including:
- Vendor training: these programs typically address the technical aspects of the company’s proprietary security solutions, though some have expanded to cover greater protection needs. Participation in the organization’s partner program may be required, and fees may be involved, but the value of the acquired skills typically offsets any costs.
- Distributor programs: may augment or complement vendor training courses, including business training courses offered by industry professions (either facilitated by the organization itself, or through an intermediary such as CompTIA).
- Association/community education: member-driven organizations typically offer comprehensive training programs, encompassing everything from technical instruction to classes on building a security business practice. CompTIA IT Security Community members helped create a number of vendor-neutral education sessions and workshops, allowing solution providers to create and refine their own services portfolio. These IT channel courses have also been extended to the vendor and distributor community, allowing their partners to get the onsite training they need in a number of remote locations.
Create an Advanced Security Practice
In addition to practice-building tools and education, the community was instrumental in creating the CompTIA Security Trustmark+, an IT business credential which identifies solution providers who have met a prescribed list of industry standards. The application and validation processes involved in acquiring the designation also helps companies recognize potential regulatory compliance gaps and address problem areas in their policies, processes and plans. The Trustmark allows solution providers to not only refine their processes and skills, but to promote their advanced capabilities to their customers and prospects using the program’s marketing materials and accreditation logos.
Members of the IT Security Community continue driving the creation of new business building resources, with several great discussions on tap during their next face-to-face meeting, August 3rd during the CompTIA ChannelCon 2015 conference in Chicago. The group’s agenda is loaded with discussions around the latest protection concerns, industry initiatives and a number of compliance issues.
ChannelCon has a number of IT security training sessions available as well, including Executive Certificate courses for those looking to not only advance their expertise and improve their professional standing with prospects and clients. Be sure to register and get your travel plans in place today!
