Spotting trends in security and adjusting accordingly can help security solution providers survive and even thrive....
In this podcast, we interviewed Jerry Jalaba, vice president of channel sales at Boulder Colo.-based Webroot Software Inc. Jalaba discusses his company's top three predictions that will impact security solution providers, and suggests two strategies that solution providers should be doing now to grow their IT security business in the next 12 months.
Read excerpts from our interview with Jerry Jalaba, below, or listen to the full podcast.
You must have Adobe Flash Player 7 or above to view this content.See http://www.adobe.com/products/flashplayer to download now.
Download for later:
Predictions guide strategic advice for successful IT security business
• Internet Explorer: Right Click > Save Target As
• Firefox: Right Click > Save Link As
Your first prediction that will impact security solution providers is that mobile devices will be an attractive target for attackers. That sounds like a good opportunity for security solution providers to expand services in their IT security business. How should security solution providers approach the project of managing the risks to their customers' mobile devices?
There is a great opportunity for value-added resellers to help their customers understand all the types of risks to their mobile devices. I don't think customers really have a good appreciation of this. Nor do they have the expertise to understand what the implications can be for their environment. The opportunity is to help customers put together a comprehensive solution to protect the mobile devices in their organization.
Having depth and expertise
in one area helps
security solution providers
get more visibility.
With desktops and laptops, you could put in an endpoint solution and get reasonably good protection, but that is no longer the case with mobile devices. The hackers are so much more sophisticated and the malware element is getting so complex that many customers are having a difficult time getting their arms around it.
Your second prediction is about increased security problems related to social networking by employees at work. What's the opportunity for security solution providers here?
One of the interesting things we're seeing is that most devices in an organization, whether desktops, laptops or mobile devices, are serving a dual purpose now, by employees using them for work, as well as for personal business. What we saw was that companies tried to block the social applications. But blocking them is no longer an acceptable avenue, because many of these applications have become business tools. Because of this, there's a great opportunity for the VAR to help customers understand the threat landscape and guide the right level of protection.
Your third prediction is really a prediction about the solution provider community itself. You're predicting consolidation in the security solution provider industry. What can you tell us about this?
We're seeing a number of more successful VARs have been able to continue to grow their business. This has to do with providing services up-front to help the customer understand their threats. Some of the companies have gotten much better at it, and have also looked at other strategies for growth. We've seen consolidation at the top. Some of the larger VARs have acquired smaller companies that are actually doing well on a regional level. It's more of a partnership than an outright acquisition. There was a myth that a lot of the smaller companies were undervalued and struggling. But what we are actually seeing is the larger solution providers that are acquiring smaller ones are really being very selective and looking for focused, very successful companies that, combined with their company, gives them much greater skills and a broader set of services.
If a solution provider is not planning to be acquired, or does not want to be acquired, what should they do to survive and grow this year?
There are two things that security solution providers can do to grow and enhance their business. First of all, the more successful solution providers we have seen have become much more consultative and have made more of an investment in understanding security assessment. They really try to focus more on being a consultant to the client, providing more consultative work. Some do this as a fee-based service, some do it as a preamble to them going back later and selling tools.
The second area is providing a specific specialty area of expertise, where they are an inch wide but a mile deep. You can be a generalist as a security specialist, but having depth and expertise in one area helps security solution providers get more visibility. They can market their skills at various events and build up a little name recognition for that area of expertise.