Security continues to evolve under pressure, both from increasingly sophisticated threats and from changes in the IT environment that demand re-evaluation of current solutions. In recent years new threats have arisen from areas such as social networking, with more attacks being made by sophisticated criminal groups rather than by individual hackers.
IT infrastructure has, meanwhile, evolved toward virtualisation and cloud computing, both of which can have important repercussions for security requirements. At the enterprise level, these issues have led to a re-evaluation of security infrastructure. But smaller businesses, faced with the same threats, have less in-house expertise and less money. This has led to proliferation of Unified Threat Management (UTM) appliances and managed services, both of which can provide features that have come to be expected at the enterprise level, but with easier and less costly implementation.
For resellers, security is a tricky area as the requirement is inherent in every IT product and service. It can be complex and requires special expertise. However, for those entering into this sector, there are opportunities to develop a consultative relationship that will lead to continued business.
Symantec is a leading security company offering a broad portfolio of products and services designed to assist organisations to secure and manage their information. “Key security hazards for local SMBs today include maintaining the security of information and hardware against a growing variety of threats,” says Pacific region director Steve Martin.
With recent advances in the sophistication of threats, many remedies that were once adequate no longer provide small businesses with reliable protection. A recent Symantec survey showed there is a low adoption of basic security measures. Thirty-four percent of SMBs here do not have an endpoint protection solution and 53 percent don’t have a desktop backup and recovery solution.
“Antivirus security products are simply no longer adequate,” says Martin. “SMBs today require protection against new kinds of spyware, malware and spam. Multiple measures are required to ensure they are accurately identifying and addressing risks and providing consistent protection.”
New threats are beginning to emerge. “We are seeing spammers use Twitter as bait to lure victims into a phishing trap,” says Martin. “Phishing will likely continue to expand its reach into social networking and online gaming brands, as they provide an opportunity for expanded social engineering attacks. Attackers continue to shift away from mass distribution of a small number of threats to micro-distribution of millions of distinct threats.”
The global economic crisis has also been the basis of many new attacks in 2009. Attacks have included phishing and spam attacks targeting the unemployed. Social networking sites remain a popular target for phishers. Spam levels continue to rise, with malicious activity still mainly web-based. Many attacks are launched against users who visit legitimate web sites, which have been compromised to redirect users to sites that serve malicious content.
Fortinet is an international company offering UTM appliances, ranging from solutions for home office environments, through to solutions for the largest telecommunication companies and enterprises. “UTM appliances offer a single unified feature-set and include antivirus, antispam, web filtering, WAN acceleration, bandwidth management and VPN capabilities,” says South Pacific systems engineering manager Nelson Da Silva.
“Consolidating multiple security functions into a single solution is generally much less expensive, which has meant unified threat management appliances have seen a lot of interest from small businesses. Managing IT security can be a specialist task and many small businesses find it difficult to protect themselves properly. As a result, another trend is for smaller businesses to work with resellers that offer outsourced managed security services.”
Recent developments in the datacentre have resulted in “security teething issues” for some businesses implementing virtualisation. Many IT security systems that are already installed in businesses simply cannot adequately deal with the demands of a virtualised environment. In implementing virtualisation, it is important to carefully examine the way security measures will need to be adapted.
“Among current issues, email-based threats are still a major concern, but website-based malware attacks are now very serious,” says Da Silva. “There is also a much stronger likelihood of businesses facing serious threats relating to their employees accessing Web 2.0-based sites, with Facebook and Twitter already regularly being used by criminals as conduits for security threats.”
In the current environment, cost is an important factor. “When a small business has to renew separate, expensive support contracts for their firewall, antivirus, VPN and website filtering, these costs can quickly become a major chunk of the IT budget. Businesses are often able to dramatically reduce their ongoing security costs by implementing a unified solution. In some cases, the solution can pay for itself in savings in as little as six months.”
Resellers need to ensure that customers are aware of the issues and able to take appropriate action. To aid in this, Fortinet has a tiered partner accreditation programme, with additional specialisations for managed security services. “Partners offering Fortinet are able to make margin from both the initial sale and the sale of ongoing FortiGuard security subscription services,” says Da Silva. “In addition to resellers already focused on networking and security solutions, we are interested in hearing from systems integration companies specialising in software application solutions for their clients.”
Astaro is an international company focusing upon a unified appliance security solution. It offers a secure mail gateway, a secure web gateway and a full UTM solution called the Astaro Security Gateway.
“The SMB sector often has greater concerns than a large enterprise, because they lack the manpower and resources that a large enterprise has,” says Astaro’s vice president of sales for Asia Pacific and Japan, Guy Coles. The threats are the same for all. SMBs don’t have the manpower to manage five or six different appliances. An integrated, self-managing solution can provide a strong solution in a single appliance.”
Recent developments have included a growing emphasis upon SaaS and cloud computing, which can introduce new threats. “SaaS/cloud can complicate security as access can be from almost anywhere, rather than being controlled behind the company firewall,” says Coles. “A UTM solution that is properly set-up can minimise the risk to businesses and help to take some of the ‘haze’ out of the cloud.
“The threats continue to grow daily,” says Coles. “The biggest security hazard is to do nothing and assume that your desktop A/V is going to protect you from everything.
“For a small business, the best practice is to engage with a channel partner that specialises in security and be guided by their recommendations,” says Coles. “Unless they have an IT department full of security experts, they will find it difficult to defend themselves adequately. This provides an opportunity for resellers.”
For resellers, education is critical. “Astaro offers regular training to its channel partners to educate them so they can add true value to the customer,” says Coles. “When the reseller becomes a trusted advisor rather than just a place to buy stuff, then they add true value as well as a complete solution.”
RSA is the security division of international IT services giant EMC. “As threats to information and computer networks continue to evolve, SMBs must assess their risk and mitigate these risks by putting into place effective security measures across their IT infrastructure,” says information security specialist, Francois Marais.
“Key areas of concern continue to be the protection of business and customer information within the IT infrastructure. However, the threat from portable data devices such as memory sticks, which many workers use, is also worth reviewing for smaller businesses.”
New services have created a range of additional threats. One is cloud computing. “Unfortunately, some businesses are rushing in to cloud-based services without putting the necessary security protocols in place,” says Marais. “A recent IDG study commissioned by RSA, revealed a significant gap between the speed at which organisations are adopting new connectivity, collaboration and communication technologies and their readiness to deploy them securely.”
During 2009, there have been some large-scale threats, such as the Conficker worm. But most SMBs in this country are likely to be effected by data theft by employees, by the “back door” via data sticks and PDAs. There is also the threat from online crime that is constantly evolving. RSA runs an Anti-Fraud Command Centre that has shut down more than 165,000 phishing attacks to date.
“Resellers need to know what customers require to protect their businesses,” says Marais. “RSA can keep resellers informed about the evolution of the threat landscape and the types of attacks and trends within the fraudulent activity. We can also offer resellers the tools to sell to customers to protect them.”
Blue Coat is an international network security and optimisation specialist. “One of the biggest markets in New Zealand for Blue Coat is in secure managed services,” says ANZ channel director Peter Owen. “There are many New Zealand companies that don’t have the scale to justify the cost of purchasing and owning the infrastructure themselves, and the channel can effectively provide for this through managed services.
Blue Coat offers managed secure services and managed WAN optimisation. The managed services route provides value and lower operating costs to the customer, while also increasing profitability for the reseller.”
Within the small business area companies are at all different levels of security awareness. “Resellers that can teach customers and demonstrate the value of security tend to find they have repeat business with the SMBs, as clients go through different stages of technology maturity,” says Owen.
There are two main elements that resellers need to look at in working within this market:
The customer needs to be aware of, and understand, their requirement for security.
Once a security need has been defined, it is important to look at the details of what is required. Usually, only a few key areas need to be addressed.
“There has been a huge change in the source of threats,” says Owen. “The web has never been more untrustworthy. A particular issue to be aware of is that websites that were rated as “good” have “bad” content (malware) injected into them, so that threats are typically coming from “trusted” websites. This means the effectiveness of a secure web gateway solution is paramount.”