Business-driven security may help channel unlock innovation

Channel partners can expect to see business-driven security become a key theme for forward-thinking customers pursuing digital transformation; more news from the week.

Security, once considered a barrier to progress, could paradoxically prove the key to unlocking digital innovation.

Recent studies, including two released this week, point to security as a top concern for IT professionals as they look to transform their businesses and adopt computing approaches such as multi-cloud environments. Addressing security from the earliest stages of such projects not only allays management fears, but could contribute to the overall success of the initiative, industry executives contended.

The upshot for managed service providers (MSPs) and other channel companies: Be prepared to offer security as part of the package of technologies and services you provide on complex projects. Partners should also be ready to work with organizations that see security in a different light than what was typical of previous years. Indeed, a business-driven security philosophy has started to take root among forward-thinking enterprises.

"Ten years back, security was viewed as a cost center; it was viewed as slowing initiatives down," said TR Kane, cybersecurity principal at PwC and U.S. strategy, transformation and risk leader at the firm. "What we have seen … is really a monumental shift."

That shift is making cybersecurity personnel part of project teams, while the instinct of IT groups and business leaders may have been to work around the security team. Kane said CISOs are placing security team members from areas such as identity and access management, threat and vulnerability management, and security architecture into digital transformation projects "in which those cybersecurity areas are foundational to protecting the data or enabling a product or a service."

Security concerns

TR KaneTR Kane

To gauge the weight organizations now assign to cybersecurity, consider the following:

  • A report published May 15 by PwC pointed to cybersecurity as the top risk organizations face as they invest in digital transformation to modernize and build new capabilities. PwC's Digital Trust Insights survey polled more than 3,000 executives and IT professionals.
  • Data security and privacy emerged as the No. 1 digital transformation challenge in an Insight Enterprise Inc. survey of 400 IT professionals that was released May 13.
  • Cloud is at the forefront of many digital transformation projects and also serves as the foundation for AI initiatives. But security concerns persist. The 2019 SANS State of Cloud Security survey, released earlier this month, cited an increase in unauthorized access into cloud environments or assets.

The overall pattern illustrates how integral security has become to meeting overarching business objectives. The PwC report points to "business-driven cybersecurity" as the remedy. But organizations taking this tack represent 25% of PwC's survey respondents.

The majority of enterprises, meanwhile, may struggle with security-business integration.

Business-driven security challenges

Mike SprungerMike Sprunger

Mike Sprunger, senior manager of cloud and network security at Insight Enterprises, pointed to the example of the cloud, where organizations grapple with identity and access management and securing containers. He said organizations may misconfigure containers, leaving them "wide open with pretty sensitive data inside."

Sprunger said the business units that subscribe to such cloud services are often to blame. "They're not putting in enough effort upfront to see how their security architecture extends into the cloud," he said.

More often than not, a business unit develops cloud environments outside of IT or the IT group performs the cloud work without talking to the security team, Sprunger explained. The security group is seen as too cautions or a roadblock, he added.

The business units, Sprunger suggested, should work with security to make sure business data and applications are protected. But security teams need to change as well. Ideally, "the security role is receptive and a good partner to the business as opposed to being the department of no," he said.

The task ahead for consultants and service providers is to help the majority of enterprises catch up with the top 25% when it comes to embedding cybersecurity in business. Injecting security into projects, however, isn't the main obstacle in the path of business-driven security.

"That, tactically, is not hard to do," Kane said. "The biggest challenges we see is a cultural shift."

Intermedia intros co-branded reseller model

Intermedia, which sells cloud-based communications and collaboration through channel partners, has introduced a co-branded option for resellers.

Ten years back, security was viewed as a cost center; it was viewed as slowing initiatives down. What we have seen ... is a really a monumental shift.
TR KaneCybersecurity principal, PwC

The co-branding program is available for Intermedia's Unite product, a phone and communications system combining web and video conferencing, team chat, file sharing and backup, among other features. The company said the co-branding model adds another go-to-market choice for Intermedia resellers, which until now have had a private-label option. Intermedia said it also engages partners as commissioned advisors/agents, providing recurring commissions to companies that help Intermedia close deals.

"We are hearing from a lot of our partners that as they are getting into larger deals, they want to expose Intermedia and bring [its brand and credibility] into the deals to support them," said Jonathan McCormick, COO and head of sales at Intermedia, headquartered in Mountain View, Calif.

Moreover, McCormick said that the co-branding option lets channel firms from outside the voice and unified communications market position Intermedia branding in customer engagements.

Partners can select the co-branding model on a deal-by-deal basis, "depending on what they think will lead to the best outcome," McCormick added.

Panasas seeks channel sales growth

Data storage vendor Panasas this year is looking to derive more of its overall revenue from channel sales, according to a company spokesman.

The company has refreshed the Panasas Accelerate partner program to align partners with the 2019 sales strategy, wrote Philip Crocker, senior director of global channel marketing and business development at Panasas, in an email. Benefits of the Panasas Accelerate program include front-end discounts, deal registration and a demo system program to support partner-led proof-of-concept projects. Partners can also tap a 5% reward rebate for closing new accounts.

Crocker cited the release of ActivStor Ultra with the PanFS 8 file system as a source of potential growth for the company. "We are looking forward to working with our channel as we expand our global customer base and seize the new market opportunities addressed by this highly competitive product," he said.

Other news

  • Green House Data, a provider of managed cloud hosting and consulting services based in Cheyenne, Wyo., has acquired Deliveron, a DevOps development firm. The purchase lets Green House add DevOps capabilities to its cloud ecosystem and infrastructure management services. The acquisition also bolsters the company's Microsoft business. Deliveron is a Microsoft Managed Partner, while Green House is a Microsoft Gold Partner and Azure Expert MSP.
  • Arctic Wolf Networks Inc., a Sunnyvale, Calif., company that provides security operations center as a service, unveiled a 100% channel strategy and partner program investments. Selling its products and services exclusively through U.S. and Canadian channel partners will let the company capitalize on the market for managed detection and response (MDR) and vulnerability assessment, according to Arctic Wolf. The company's channel investments include a partner portal, a formal deal registration program and on-demand training.
  • 2nd Watch, a Seattle-based managed cloud provider, launched its Compliance Assessment and Remediation Service, which the company said assesses the compliance of an organization's public cloud against multiple security and regulatory standards.
  • Rackspace, a cloud services provider in San Antonio, is teaming with Telos Corp. to provide what it called affordable Federal Risk and Authorization Management Program (FedRAMP) compliance for SaaS providers. The program, Rackspace Inheritable Security Controls, uses Telos' Xacta, a cyber-risk management suite. Rackspace said the program "significantly shortens the time and reduces the cost" of obtaining a FedRAMP Authorization to Operate (ATO)." FedRAMP is a federal government program that certifies companies to provide cloud services to federal agencies. A cloud provider receives an ATO on the basis of a third-party security assessment. The process of obtaining an ATO can take more than two years and cost more than $2 million dollars, Rackspace noted.
  • D&H Distributing, a distributor based in Harrisburg, Pa., reported year-over-year revenue growth of 17% for its 2019 fiscal year, which ended April 30. Professional audio visual and cloud solutions saw the highest growth at 111% and 107%, respectively. Other expanding markets included network security, which grew 77%; PC gaming, which grew 41%; and premium notebooks, which grew 32%.
  • Distributor Promark Technology, a subsidiary of Ingram Micro, added Zadara Storage to its roster of technology partners. Under the companies' distributor agreement, Promark will offer Zadara's enterprise storage-as-a-service products to channel partners in the U.S., Zadara said.
  • WhiteHat Security, an application security provider based in San Jose, Calif., is partnering with Rural Sourcing Inc. WhiteHat will contribute its SaaS-based WhiteHat Application Security Platform, while Rural Source will provide its vulnerability remediation services. The combination addresses the challenges of DevSecOps, according to WhiteHat.
  • TitanHQ, a cloud security vendor, unveiled its new TitanShield Partner Program. The TitanShield program targets MSPs, resellers, cloud distributors, Wi-Fi providers, OEMs and technology alliance partners, the company said. Partner benefits include sales enablement, marketing support and deal registration.
  • SourceDay, a provider of cloud-based supply-chain automation products, named Emeka Obianwu as its senior vice president of alliances and channel. SourceDay also appointed Sarah Moore as its chief marketing officer.

Market Share is a news roundup published every Friday.

Dig Deeper on MSP business strategy

Cloud Computing
Data Management
Business Analytics