Just a few short years ago, protecting a client’s data was like building a moat around a castle. A circle of security kept all the systems locked down tight, with few things accessible outside a company’s intranet. To most, that may seem to be an extremely conservative (and naïve) approach from years past, but some organizations still follow that principle for guarding their infrastructure.
Of course, that strategy is a difficult one to defend in 2011. The onslaught of smart phones, tablets, netbooks and laptops have entered the business community like a steamroller. In addition to the advances in mobile devices, cloud computing has quickly gained acceptance in the SMB space and making rapid gains in enterprise organizations.
These advances in technology allow workers to access the information they need from virtually anywhere there’s an Internet connection—if their company’s IT policies allow it. And progress on the mobility security front is slowly breaking down the resistance of CIOs and small business owners. That doesn’t mean that organizations can just upload basic data and web protection and feel completely safe from viruses and malware. But with the aid of a qualified IT security solution provider, businesses can be assured their systems will be monitored and protected with a high-degree of confidence.
Mobility and cloud security have made tremendous strides in the past few months, with a number of significant service and program introductions recently. In this week’s news, several announcements highlighted how far the industry has come, including new offerings from Trend Micro, Symantec and McAfee. Is this a signal that these security services are reaching the point of commoditization, or does this news highlight the incredible new solution (and revenue) opportunities in the IT channel?
Laptops and the original smart phones were the first devices to breach that “organizational security moat” around business networks. In many cases, the executive team led the push for adoption of mobility devices, seeing the value of accessing and updating their information while travelling. These devices allow them to better manage their organization and make critical decisions around the clock, from work, home of on the road. But getting that access required some revisions to company security policies, which typically only happens when there’s support from above.
Only 37 percent of U.S. small businesses have employee policies or guidelines for the use of mobile devices, according to a survey sponsored by Symantec and the National Cyber Security Alliance (conducted by Zogby International). Smart phones, tablets and laptops are more vulnerable than computers located inside the organization’s firewall, but many companies are still not adequately addressing that concern—or doing anything about it at all.
That’s a great opportunity for solution providers with an expertise in mobility security, allowing them to gain a foothold with new clients. With the right portfolio of products and services, they can offer comprehensive protection for any device a company wishes to employ. That is also where new vendor offerings and enhancements to existing security platforms come in to play; they give VARs and MSPs a variety of choices to help solve the specific infrastructure needs of each of client. A number of those portfolio improvements were announced this week.
Trend Micro started off the news by introducing enhancements to its mobility security portfolio, including upgrades to endpoint security, mobile security and endpoint encryption. Without going into product specifics, each update is intended to provide greater protection of an organization’s sensitive data—no matter where it’s located. For example, Trend Micro™ Mobile Security now supports a number of consumer-oriented devices that employees (and management) have adopted, including Apple iPad and iPhone, as well as Android and Blackberry devices. Enhanced encryption methods allow solution providers to secure sensitive corporate data on laptops, USB drives and removable media as well.
McAfee announced several mobility initiatives of its own earlier in the month, including a partnership with LG to extend security technologies to a number of Android-based smart phones and tablets. On the heels of that news, the company introduced several new protection initiatives and offerings, including endpoint security management with its Deep Defender and ePO Deep Command
While mobility security continues to be a concern for small business customers, a bigger concern for many organizations is how to minimize the threats associated with cloud computing. The benefits of SaaS/cloud are just too great to ignore, but not every company is comfortable with the protection it offers for their confidential data. Solution providers may not be able to address every apprehension their clients may have to this application delivery system, but they can help minimize the network and Internet concerns.
Successful IT security firms offer a comprehensive portfolio of web and network security solutions, with complementary consulting and support services. The greatest value a solution provider can bring to their clients is a full risk assessment of their network, policies and desired cloud services. The vendors offer a number of products and services, but it’s typically up to their partners to implement and support them.
How does a solution provider get the tools and training needed to support these specialties within the security field? Consider joining the CompTIA Security Community to engage with a variety of IT security professionals who are experienced in this specialized field. Goals of this collaborative group include the development of security-specific best practices, education programs, industry standards and member-driven initiatives. Access to experienced security peers and a treasure trove of related resources is invaluable, offering solution providers a fast track to building their new practice.
Of course, if you’re ready to take your security practice to the next level, the CompTIA Security Trustmark is a great option. This business credential was enhanced for 2011 and creates a significant differentiator for those who complete the validation process. It’s one more way to help clients fill in that “security moat” and take advantage of today’s business-enhancing technologies.
Brian Sherman is founder of Tech Success Communications, specializing in editorial content and consulting for the IT channel. His previous roles include chief editor at Business Solutions magazine and industry alliances director with Autotask. Contact Brian at [email protected].