Practically every process and technology employed in the average business exposes it to some sort of vulnerability, from the collection of customer contact information to accessing the companies systems from a remote location. Just a single change in an organization’s policies (such as its record retention periods) or revision to its network protection could negatively affect their ability to meet certain industry or statutory compliance requirements. Many small businesses don’t have either the knowledge or ability to deal with those issues, and often struggle to implement the appropriate security procedures to minimize their exposure and related liabilities. That challenge, while formidable, creates a number of business opportunities for an appropriately prepared solution provider.
Though security is such a vital part of every business, VARs and MSPs have to balance protection measures with their clients’ multifaceted operational needs. The old method of locking down the data system doesn’t work in today’s mobile society, as companies shift their workforce to remote locations and open their infrastructure to allow greater collaboration. While BYOD and cloud services create new operations efficiencies for small businesses, each creates a new layer of vulnerabilities that have to be addressed. Either the organization has to hire or train their IT department to support these new technologies and their related security measures, or contract with a solution provider with those advanced skills.
Training Options
How can IT channel businesses get the training, knowledge, and tools they need to build a formidable security practice? Several options are available to meet the varying needs of VARs, MSPs and other industry contributors, including:
- Vendor-specific training: these programs typically address the technical aspects of the company’s proprietary security solutions, though some have expanded to cover greater protection needs. Participation in the organization’s partner program may be required, and fees may be involved, but the value of the acquired skills typically offsets any costs.
- Distributor programs: may augment or complement vendor training courses, including business training courses offered by industry professions (either facilitated by the organization itself, or through an intermediary such as CompTIA).
- Association/community training: member-driven organizations typically offer comprehensive training programs, encompassing everything from technical instruction to classes on building a security business practice. CompTIA IT Security Community members helped create a number of vendor-neutral education sessions and workshops, allowing solution providers to create and refine their own services portfolio. These IT channel courses have also been extended to the vendor and distributor community, allowing their partners to get the onsite training they need in a number of remote locations.
Create an Advanced Security Practice
In addition to practice-building tools and education, the community was instrumental in creating the CompTIA Security Trustmark, an IT business credential which identifies solution providers who have met a prescribed list of industry standards. The application and validation processes involved in acquiring the designation also helps companies recognize potential regulatory compliance gaps and address problem areas in their policies, processes and plans. The Trustmark allows solution providers to not only refine their processes and skills, but to promote their advanced capabilities to their customers and prospects using the program’s marketing materials and accreditation logos.
Members of the IT Security Community continue driving the creation of new business building resources, with several great discussions on tap during their next face-to-face meeting, July 30th during the CompTIA Breakaway conference. The group’s agenda includes work on several current and prospective initiatives, including new collaborative partnering opportunities and a number of compliance issues.
The latest technologies and services demand a secure and powerful network, connecting cloud solutions and other services to the people who use them. That growing reliance on internet connectivity and application availability increases the value of IT security professionals with the knowledge and skills to keep them connected. Solution providers, regardless of the vertical markets they support, need to up their game (beyond AV and basic security) to better protect their most valued asset: their clients. Are you up to that task?
Brian Sherman is founder of Tech Success Communications, specializing in editorial content and consulting for the IT channel. His previous roles include chief editor at Business Solutions magazine and industry alliances director with Autotask. Contact Brian at [email protected]