When Customers’ Security Requirements Outgrow Your Comfort Zone
How can VARs, MSSPs and other providers ensure security to their customers when requirements begin to outgrow their expertise? Learn how to overcome this challenge through strategic partnerships.
August 1, 2019
Sponsored by Fortinet
In the wake of highly disruptive and public attacks, organizations and C-level executives are paying closer attention to the level of security that exists within their increasingly distributed networks. With this in mind, cyber security spending is expected to grow by 8.7% in 2019, reaching $124 billion.
Key drivers behind this increased IT spend are the need to upgrade outdated infrastructure and increased security concerns. This makes sense, as over the past several years outdated infrastructure, be it hardware or software, has been the cause of many high-profile data breaches. This is compounded by the growing awareness of security concerns as attacks become more sophisticated and the attack surface expands across businesses as a consequence of digital transformation.
Beyond these reasons, 37% of organizations noted changes to regulations as a top factor leading to increased IT spend. While there are many business incentives to prioritize cyber security, regulators have taken it upon themselves to ensure organizations are taking every precaution when it comes to protecting sensitive consumer data. Your customers are now subject to penalties and fines if they do not comply with various rules and regulations. These may include PCI DSS, GDPR, California Consumer Privacy Act, HIPAA, and others depending on where your customer operates and within which industry.
Customers Need Guidance in Addition to Technology
To combat security concerns and maintain compliance, organizations are investing in tools and security controls. However, more than just technical investments, organizations need partners and providers that can offer support and guidance, rather than just the deployment of a tool. This is evidenced by the increase in managed services budget allocation throughout the year.
Many of your customers will have to ensure their security infrastructure is compliant with more than one set of regulations while minimizing complexity within their network. They will be looking to their technology partners and managed service providers to offer advice on which areas of their network need to be fortified, which tools allow for compliance with which regulations, and how to integrate various tools to ensure a centralized approach to compliance, rather than a piecemeal approach comprising many disparate tools that can hurt visibility.
Considering this, VARs, MSSPs and solution and service providers must have a thorough understanding of how to deploy, configure and troubleshoot network controls. They need regular insight into current attack trends that can cause shifts in where their customers are most vulnerable as well as an in-depth understanding of applicable regulations.
What to Look for In a Partner to Provide Consistent Support
For many partners, it can be a challenge to keep pace with all of these highly technical requirements and get the training that’s needed to succeed. This is especially true given the current cyber security skills gap.
The question then becomes, how can VARs, MSSPs and other providers ensure security and compliance to their customers when these various requirements begin to outgrow their expertise and comfort level?
To overcome these challenges and offer consistent support to customers, providers must focus on partnering with organizations with four key offerings:
Centralized Management: You are only making it harder on yourself if you try to report on compliance and potential security incidents using information gathered and stored across separate security tools in the network. With this in mind, look for partners that offer the ability to integrate various security controls– from endpoint protection to firewalls and beyond–using APIs. This will enable visibility into the status of your customers’ security and compliance standing from a single location.
For example, Fortinet’s Management and Analytics solutions, FortiManager and FortiAnalyzer, simplify network orchestration and response with single-pane-of-glass visibility. Furthermore, each Fabric-Ready device in the network comes with built-in regulatory reporting and compliance management features.
Threat Assessment Capabilities: Your customers are trying to determine where there are weaknesses in their network defenses that may cause compliance headaches in the event of a security incident. This can be overwhelming, especially if your customer is contending with more than one regulation. When working with a partner that offers cyber threat assessments, you can analyze where there are weaknesses in security infrastructure and cross-reference that information with what is required by applicable regulating bodies. Fortinet partners are able to run threat assessments using our Next-Generation Firewall. From there, the report offers actionable recommendations and deployment flexibility that allow you to best fit solutions to your customers’ needs, solidifying you as a trusted adviser.
Training and Certifications: Another way to continue to offer guidance as customer requirements become more complicated is to expand your knowledge base. Look for a partner that offers you the ability to regularly learn and improve your skillset with courses and certifications.
Fortinet offers an eight-level certification course called the Network Security Experts (NSE) Academy. NSE training ensures that you and your team have the expertise and first-hand experience needed to navigate complex security environments. Building these skillsets will ensure you can fully leverage Fortinet offerings to meet the individualized needs of your customers’ security requirements.
Support and Services: As your customers update their infrastructure and prioritize compliance as threats become more sophisticated, their needs will likely move beyond their capabilities and, possibly, your level of expertise. This is where it is important to work with partners who can offer support with a range of services. These services can cover a variety of modern security needs, from threat intelligence to cloud security, web filtering and more.
At Fortinet, we offer a host of Security Services through our FortiGuard Labs team. You can then offer subscription services to customers that will address their growing needs. For example, customers can take advantage of the Threat Intelligence Service to ensure tools are constantly updated with information on the latest threat trends. This will reduce the chance of being caught off guard by new strains of malware and zero-day threats. Additionally, customers can leverage FortiCASB as they move from legacy infrastructure to the cloud to ensure that security and compliance controls extend to these new environments.
Final Thoughts
Your customers are increasingly looking to you, their VARs and MSSPs, for support and guidance as they undergo digital transformation and enhance defenses to meet compliance standards. However, keeping pace with the level of support they require can be a challenge. This is why it is essential to partner with an organization that enables you to offer consistent support for security in-depth, through services, certifications, individualized recommendations and simplified visibility.
This guest blog is part of a Channel Futures sponsorship.
About the Author
You May Also Like