CompTIA’s Partner Advisory Council and Vendor Advisory Council met this week on March 22 at the association’s Annual Member Meeting at the Fairmont Chicago Millennium Park. A highlight of the PAC meeting was a group discussion of IT security led by CompTIA’s Ken Presti that drew a lot of passion from those in attendance.
Presti asked the PAC, “What are the more common threats you’re seeing?” Matthew Hahn with SWK Technologies immediately mentioned phishing, and recommended performing phishing tests to prevent against it, as they’re a great indication of how educated end-users are and can lead to security sales. Another attendee agreed, saying that because companies spend so much money on security systems they don’t realize how quickly the human element can undo them.
Another attendee asserted that the fastest growing, most successful IT companies today call themselves security companies, but then admitted that the idea of doing so himself frightened him. Asked why, he said it wasn’t just a liability issue; it comes down to really being able to be representative of security.
Following up on this, Hahn shared that his company works with clients on HIPAA compliance but it can’t really tell people they’re HIPAA compliant. “No one can, because a goofball might walk in and mess up the system at any time,” he said. He added that the first step to take with any customer is to have them establish a document that states acceptable use of company devices. Hahn said he tells customers, “I can’t protect you if you’re not protecting yourself.
Paul Cronin, senior vice president and partner with Atrion, agreed with this and said, “You’ll find most clients don’t have a security policy.” Joe Infante, president of Dynamic Strategies, countered, “The problem is the IT department will then go write a policy that they can’t really implement.”
Cronin said he’s seen trained engineers touch systems and leave doors wide open afterward, and for that reason he challenges companies to ask themselves if every one of their engineers knows all their proper processes and procedures. He added, though, that the end result of educating customers on security is that they will turn around and ask IT security providers how secure they themselves are; “They’ll ask you, ‘Where’s your pen test?’”
Infante capped things off by saying, “Being a security expert is like being a weatherman. It might rain tomorrow; it might not.” And it did rain the next day at AMM in Chicago, so lock down your network!
In the VAC meeting later that day, Francois Daumard, vice president of global channel sales with AVG Technologies, led the council through a SWOT (strengths, weaknesses, opportunities, threats) analysis of the vendor space. The VAC had solicited SWOT items from its members beforehand for discussion. Strengths listed included the channel’s size and breadth, its consumers’ needs and new technologies. An attendee added that vendors’ abilities in risk reduction is another strength. Cassandra Anderson, director of channel sales with Crexendo Business Solutions, cited brand loyalty as a strength, pointing out that she put an Xbox sticker over the Apple logo on her laptop, which was open in front of her on the table, because, while she obviously chooses to use an Apple machine, she is still loyal to Microsoft software such as Office.
The VAC must view vendors as pretty strong, as the group spent a half-hour discussing its strengths alone. Moving along, weaknesses listed included an aging workforce, slow adoption of new technologies and a low barrier to entry, which means customer relationships are the primary advantage. The VAC also fears vendors stuck in a break-fix model. Opportunities listed included M&A activity, selling to millennials, adoption of recurring revenue, certification and new technology. One attendee said some vendors have an advantage as a “small local hero” not competing with big companies. Threats listed included a lack of understanding of the emerging cloud and IoT market opportunities. An attendee said the channel doesn’t move fast enough in moving to capture these.
Anderson pointed out that even large telecoms can become obsolete as the market shifts, adding, “Where is MCI now?”
Indeed, this MCI commercial from the early 1990s demonstrates how long gone the telecom is; three of the eight Star Trek actors in it are now dead.
