5 Channel Ops: Security Roundup, Ingram Micro Shows Partners The Money
Cloud Partners paid off in new product announcements — and for military families.
September 25, 2015
Lots to cover today, seeing as last week’s roundup was preempted by a very successful Cloud Partners event here in Boston. There were many highlights, but a particular shout out goes to Telecom for Change. The group held its third major fundraising event, Casino & Cocktails, in tandem with the show and raised $75,000 for Fisher House Boston, the local affiliate of a nationwide charity that supports military families and veterans seeking medical treatment in nearby hospitals. That represents a lot of hard work by volunteers, and a lot of generosity within our channel community.
“This was a record-breaking event for us both in terms of attendees and donations,” says Angie Tocco, co-founder of LanYap Networks and an event organizer. “One year ago this month Telecom for Change hosted its inaugural event in New Orleans. Now, after three large-scale events and several smaller ones in between, we have raised a total of $162,000 for grassroots charities. With each consecutive event, our momentum grows exponentially. The word is getting out within the channel community, and both partners and carriers are increasingly approaching us with interest in getting involved. In an industry that can often seem contentious, it was moving to witness carriers, agents and master agents alike coming together for a common good.”
The group’s next big event will coincide with the Channel Partners Conference & Expo in Las Vegas.
Black Duck Makes Security Waves
Besides hosting this year’s show, the Boston area is home to some hot technology firms. News hit during the event that Black Duck Software received the 2015 Innovative Security Technology of the Year award from the Massachusetts Technology Leadership Council. Earlier this year, Black Duck named Kevin Bland channel director. Previously Bland was Citrix’s director of channel and alliances in northern Europe. The company also announced an initiative to increase enterprise adoption of containers by solving some of the security problems that have held the technology back.
Containerization can benefit partners in three main ways (for a technical overview, check out Azure CTO Mark Russinovich’s blog).
First, realizing cost savings for customers — it’s likely that open-source containers will do to proprietary VMs what server virtualization did to hardware vendors. No wonder VMware and Microsoft are putting forth plans; vSphere Integrated Containers and Photon and Windows Server Containers and Hyper-V Containers, respectively. Even Cisco is on board via a deal with Red Hat. And it’s not just software licensing; containers use physical resources much, much more efficiently than VMs because they share an OS kernel.
Second, you know all those legacy applications that you keep nursing along? In its 2Q15 enterprise application software report, Gartner says that by 2020, 75 percent of enterprise apps will be custom-built instead of COTS. For digital businesses, code is a differentiator. When the time finally comes to replace a customer’s circa 2002 application, ensure that it will run on public or private cloud infrastructure or a mix. Containers can do that. And finally, containers are flexible. You really can write once and run anywhere. They continue the job of disaggregating software from hardware that VMs started. Still, as with VMs, adoption has been held back by security worries, particularly the concern that container isolation isn’t as strong as among hypervisors. Container-hopping could happen if an attacker penetrated the host OS or another container, for example. That’s one reason VMware’s Photon allows individual containers to run in a micro-VM with a thin OS, thus trading some size efficiency for security. Container sprawl is also a real possibility.
Back to Black Duck. The company’s Hub product automatically finds all of the open-source code running in a customer’s infrastructure and detects known security vulnerabilities. It also alerts on newly discovered flaws that impact inventoried code. CEO Lou Shipley said in a statement that in recent weeks Black Duck’s engineering team has done extensive security testing on scores of containers and “the results in terms of the known open-source vulnerabilities we found show that enterprise wariness is justified.”
The company launched a site — www.securecontainers.com — on which it will share content around container security. “Over time we envision the site being a clearing house for valuable information that will enable delivery of secure containers,” said Shipley.
I asked channel chief Bland how Black Duck is attracting partners. He pointed to more use of open-source software in an increasingly dangerous and regulated world.
“Managed service providers and resellers looking for a unique value proposition, and a differentiator to their competitors, have the opportunity to educate their customers on how they can take full advantage of the benefits of open source and still ensure excellent application security,” he said.
Besides standard upfront product margin and services-revenue opportunities, Black Duck has a deal-registration program that reward partners who proactively work with customers.
“This differs from many programs that are designed to reward the fulfillment partners, but fail to acknowledge and reward them for sales efforts and resources devoted to creating such opportunities,” he said. “In addition, Black Duck is looking to its partner network to build our products into managed service offerings.” The company is actively looking for partners with security expertise as well as code-quality partners, security resellers and managed services consultancies.
PLUS: AWS Partner Network premier consulting partner 2nd Watch has been certified for the Docker Authorized Consulting Partner Program.
Ingram Micro Offers New Financing Options
Ingram Micro, with Lending Club, outlined this week three new financial services programs designed to improve cash flow for qualified U.S. channel partners and, hopefully, shorten the sales cycle.
Ingram Micro Lending Club is focused on providing capital to partners serving SMBs. The new program offers access to an unsecured line of credit with flexible payment options and term business loans up to $300,000.
Ingram Micro NOWaccount is a capital access program that helps channel partners offer customers extended payment terms.
Ingram Micro Lease-IT is a refreshed Ingram Micro-branded leasing program that helps partners offer more flexible terms.
Ben Stiegler, VP of business dev, NorCal, for SynerTel, a division of Premier IT, told me he welcomes the new options.
“Cash flow is definitely a key enabler-slash-death threat for MSPs and IT firms that engage in any significant project work,” says Stiegler. “We have always put leasing on the table for each project we propose, making in-house infrastructure upgrades – servers, switching, storage, printers, wireless APs, workstations – closer to an IaaS model, while retaining the tax benefits of ownership and depreciation and generally offering a lower TCO than a pure IaaS offering. We try to make clear the message that we are not designed or equipped to be a bank … but we have strong partners that can help our clients manage cash flow.”
The Lending Club offering could help MSPs finance internal growth, open branch offices or purchase service vehicles or inventory, but it’s the NOW program that caught Stiegler’s attention.
“The brochure says it’s not factoring, but it looks like factoring to me – with a very reasonable rate card,” he says. “I can think of several situations where this would have been excellent to have in our tool bag over the past years.”
A keynote panel at the recent Cloud Partners show offered seven building blocks to bridge the gap to a subscription-based recurring revenue model, and other vendors and masters are stepping up. Panelist Rick Ribas, vice president of partner sales-East for Intelisys, says his company launched some similar programs a few years back and currently has just over $3.2 million on loan to its channel partners, mostly in fast capital but also via advanced compensation.
“In lieu of the partners waiting five-plus months, we pay them within two weeks, we take the risk and true it up over three years,” said Ribas. “It’s been hugely successful.”
Aspiring CSPs take note: “While these programs are geared for all Ingram Micro partners regardless of their mix of on premise or cloud practices, any program that frees working capital or increases credit capacity will benefit their business,” says Jason Bystrak, Ingram’s executive director, cloud, for North America, who also sat on the panel.
While partners can use these to plug P&L gaps in their transformation to cloud, Bystrak also pointed out programs specificly to build the bridge to cloud.
“One example is the ‘free 30 days for Microsoft CSP,’” he says. “This is designed so the partner invoices the end client starting in month one, but does not pay us until month two, creating additional free cash to improve their financial performance.”
Splunk ITSI, Enterprise 6.3 Launch
If you’re unfamiliar with Splunk, check out my recent Q&A with its channel chief, Emilio Umeoka, or ask your favorite network admin or CISO. The company is forging some interesting partnerships (Cisco, Arrow) and purchases (Caspida) and this week released an update to its flagship product as well as an IT Service Intelligence offering that’s a natural for providers that monitor customer network health and KPIs, on premises or in the cloud.
Splunk ITSI combines both high-level monitoring and deep-dive troubleshooting and analytics and is available as either software or a cloud service.
“Traditionally, the end-to-end performance of systems and apps supporting digital strategies is difficult for the business team to monitor against SLAs and KPIs they have established without bolting this view together with a variety of products,” said Maureen Fleming, vice president of BPM and middleware research at IDC, in a statement. Vodafone is a current reference customer and is using ITSI to provide dashboards and reports tailored to line-of-business management, service owners and security teams.
In addition, the 6.3 version of Splunk Enterprise is designed to be useful for developers, beyond the traditional admin team, and to monitor Internet of Things devices while slashing the volume of hardware needed for an on-site deployment. Splunk Enterprise 6.3 can be deployed on-premises or in the cloud, as the cloud service Splunk Cloud, or in a hybrid model. Among the new features are anomaly detection, geospatial maps for location-based insights, support for a standard HTTP/JSON API, custom alerts to trigger actions in business and operational systems, and data-integrity controls for customers with compliance mandates.
For security-focused partners, Splunk also released this week Splunk User Behavior Analytics, which uses machine learning and behavioral analytics to detect hard-to-spot security issues, such as insider threats and compromised credentials, and Splunk Enterprise Security 4.0, which uses analytics for breach detection and response.
Microsoft Officially Releases Office 2016
If you work with Microsoft and don’t yet offer its products in an as-a-service model, expect a renewed round of … encouragement. Office 2016 is all about online collaboration — and ongoing subscription revenue. The litany of new features, from better Skype integration and real-time co-authoring in Word to integrating the Cortana virtual assistant with Outlook, drive that point home. In his blog announcing the release, Satya Nadella cited a variety of business drivers, including one large U.S. metals company that implemented Dynamics CRM Online and Office 365 and saw lead conversion rates grow from about 2 percent to 30 percent.
Microsoft is pushing hard for partners to sell cloud and subscriptions; Redmond Channel Partner runs down the carrots being offered to partners, including throwing in free e-mail migration for new Office 365 customers with more than 150 seats. There are sticks, too — notably extending incentives to Microsoft’s own consulting teams.
If it’s migration complexity holding you back, we’re working on that. Watch for an announcement on Channel Partners’ first live learning lab, which will give attendees at our March 16-18 Big Show a chance to tuck into multiple migration tools on a standard testbed, with real-world data. If you want more details, drop me a line.
NTT Joins AT&T, Verizon In IDC Leaders List
I had an opportunity this week to ask Kevin Goodman, NTT America’s Senior Director of Strategy, and NTT America Channel Lead Rob Westervelt about the progress of the company’s Global Solutions Channel Partner Program, which just marked its one-year anniversary, and how the program will evolve in its second year. Watch for more on our interview next week.
One success for the company, announced as Cloud Partners kicked off, is its placement in market research firm IDC’s new MarketScape assessment of 10 global enterprise WAN data service providers. IDC positioned AT&T, BT Global Services, NTT Communications, Orange Business Services and Verizon as leaders in the space for 2015. CenturyLink, Level 3, Tata Communications, Telefonica and Vodafone Group Enterprise were identified as major players. IDC said in a statement that this MarketScape is the industry’s first evaluation of global communications service providers’ advanced enterprise WAN data services, such as Ethernet and MPLS VPNs, and newer services such as enterprise cloud connect and data-center interconnect. IDC also considered how CSPs are adopting SDN and NFV technology and their global coverage reach.
Partners looking for service providers that can help them serve customers with locations outside the United States may want to check out the report for buying criteria.
Dell, Effortless Add Security Tools
Though barely scraping through math for liberal arts majors thwarted my destiny as an infosec engineer, I admit to being a security nerd. Luckily, channel-friendly vendors are able to find that expertise:
Dell released this week version 7.0 of its One Identity Manager. Identity and access management programs have a lot of moving parts: user authentication, employee provisioning and prompt deprovisioning, password management, single sign-on, allowing access based on role, federation with suppliers and other partners, integration with directory services, auditing for compliance. And it all must be done in a way that supports business processes and plays well with HR and legal. Sounds like a job for a trusted business technology adviser. The One Identity Manager product will generate reports for auditing the resources in customer environments, who has access, and why that access was granted and terminated. End user, governance and admin business stakeholders get an improved Web UI with HTML 5 support. The product is available now; partners attending the Dell World Software User Forum, Oct. 20-22 in Austin, can get a demo.
Cloud tech firm Effortless Office made two security announcements at Cloud Partners. First, its flagship product is now compliant with SSAE 16, SOC 1 Type II (indicating a history of compliance); that certification attests that its controls, including around client setup and maintenance, physical and information security, transaction processing and reporting and more, live up to financial services industry standards. The product was already HIPAA and HITECH compliant. The company also debuted its standalone agentless Effortless Defense security offering that combines threat monitoring, email encryption, sandboxing and a dashboard showing malware threats by prevalence and geography. Sales of Effortless Office products are through the channel only, and the company partners with agents, VARs and MSPs.
Follow editor in chief @LornaGarey on Twitter.
Read more about:
AgentsAbout the Author
You May Also Like