That’s the position many businesses are in when it comes to cloud and security services. The prospect of accessing and backing up critical business systems via the Web seems contrary to previous network safety warnings. Cloud and mobility services go against everything they’ve been taught when it comes to security, yet the benefits from these technology delivery systems are so compelling, more and more companies are willing to take the risk. That’s where solution providers can profit, by alleviating some of the angst and many hazards.
That discussion was prevalent at this week’s RSA Conference, with experts and vendors touting the latest options and methods available to ensure a secure cloud services experience. Creating a safe virtual computing environment requires the implementation of a series of innovative cyber defense measures, from intrusion prevention to proactive remediation options. These security steps need to be implemented by both the businesses that offer cloud solutions and the companies that use them. Though the vendors’ responsibilities may be higher, ensuring they follow industry standards such as SaaS 70, the consumers of these services need to ensure their networks and systems are properly protected as well. That’s where solution providers can help, which were highlighted in several reports from the RSA Conference.
Traditional Security Measures Will Fail
Even when businesses employ a full suite of antivirus and intrusion protection applications, their infrastructure and data may not be safe. As outlined by RSA’s Executive Chairman Arthur Coviello in his keynote address, today’s security technologies must be multi-faceted and significantly more proactive than the systems used just a few years ago. Even if risk can’t be eliminated completely, solution providers can manage the greatest threats through frequent assessments and prioritization. After identifying the true concerns for their specific clients, VARs and MSPs can adjust their current security practices or adapt new technologies that address those potential issues. Risk-based management helps providers focus on the particular threats concerning their customers, rather than a ‘one-size-fits-all’ approach that could leave serious gaps in protection.
Coviello made several other suggestions to companies (and solution providers) that are adding cloud and mobility to their infrastructure.
- Employ a single security platform. Using a central dashboard or management portal makes it easier to monitor and defend multiple client sites, as well as cloud and mobility solutions
- Reduce complexity. Eliminate "patchwork systems" that don’t provide active intelligence, such as trends in specific intrusions and network alerts.
- Proactive monitoring. Employ context-awareness measures that look for specific activities, such as network anomalies and unusual user behaviors (which may appear harmless).
Sell Support, Not Fear
Solution providers don’t prosper by scaring their clients, but by offering them the options to properly secure their businesses, as CRN’s Kevin McLaughlin pointed out in one of his RSA articles this week. The media covers hackers and security lapses on a continual basis, so business owners are typically aware of the threats. By addressing their specific company’s concerns or industry compliance issues, providers can have a good conversation without looking desperate for a sale. That not only builds trust, but often leads to a more successful long-term client relationship.
Security technology is complex enough without making the sales process more difficult. The IT Security Community will surely be discussing issues like this during their group session at the April 10-12 CompTIA Annual Member Meeting. If you’re interested in improving your security practice through best practices and access to new business building tools and education, this is place to be.
Brian Sherman is founder of Tech Success Communications, specializing in editorial content and consulting for the IT channel. His previous roles include chief editor at Business Solutions magazine and industry alliances director with Autotask. Contact Brian at [email protected].