Jason Holloway of ExaProtect shows how you can increase your customers security stance and gain incremental sales without the car salesmans sheepskin jacket, bunting and portakabin
A journalist once asked Peter Ward, the former CE of Rolls-Royce motor cars, who the companys competitors were. Rather than naming another marque of cars, Wards answer was boat makers, builders and estate agents. He knew his market: the typical Rolls buyer would not seriously consider any other make. However, they would delay the purchase of a replacement Rolls in order to buy a boat or invest in a property instead. In other words the market sector that Rolls-Royce competes in, isnt limited just to cars.
Its a little like the security market. At any of your customers, theres a great deal of competition for IT budget allocation. The key question they will ask of you is: will a new solution really enhance my security stance and add value?
Its a fair question. For many enterprises, the real issue is being able to effectively monitor, assess and respond to what their current security products are telling them, not whether they need to add further layers of security. Lets take a closer look at why this is so.
Journey to the centre
Corporate IT teams typically manage a range of core business systems, security devices and solutions. This means using a range of different management consoles and dashboards, because each system usually has its own special language of event logs and rules.
This constant chatter of events and updates from each corporate system and security product can blur the IT teams vision of the companys overall security stance. And if IT staff cant cut through the chatter, security threats will get lost in the background noise and a breach made before the IT team can mount an effective defence.
The analyst firm Gartner Group estimates that the corporate systems in companies with 1000+ users can generate an average of 200 security events per second enough to overwhelm any IT department. This makes ensuring the security of core business assets hard, because IT teams are constantly sorting fragmented events into a coherent security picture.
Adding more tools to existing layers of unmonitored security products doesnt necessarily increase security; merely the complexity of the monitoring problem.
So how do companies better manage the deluge of security data from their internal systems, to protect the business IT assets that matter? And how do VARs add further value and gain real incremental sales from existing customers?
The answer lies in inverting the way companies traditionally approach information systems security, and approaching the issue from the inside out. This way, you can give customers an alternative that helps them make the best use of what they already have.
The new approach is based around core security event management (CSEM) solutions. CSEM unifies security management for both traditional point security products and core internal systems, helping fight the battle on two fronts.
CSEM integrates the muddle of consoles and reporting formats to simplify management. This gives IT staff a clearer view of events at any point on the network as it occurs, and improves response times by drastically reducing the log traffic generated by multiple systems. It also gives an end-to-end view of network activity, reporting on any changes to business assets and data where security is most needed.
CSEM aggregates and correlates all data and event logs from core business systems and security devices into one central engine. It overlays multiple reports and data streams, giving IT staff a single-console view of key security events identifying and putting in context irregular activities or attempted attacks that are otherwise invisible. CSEM also gives incident handling and resolution features, helping IT staff deliver the best response. As well as highlighting any deficiencies in the customers overall security strategy helping you to identify further sales opportunities it goes without saying that it also plays a key role in corporate compliance. Which is a topic thats on many CEOs and CFOs minds at the moment.
The driving force
So what does this mean to VARs? First, it gives the chance to revisit existing corporate customers and offer a strategic, end to end approach to security which protects their true business assets not just another point solution with ever-shrinking margins.
Second, it also gives the opportunity to get closer to customers and add real value to your ongoing relationship, by helping them get better value from their security solutions, both now and in the future.
Remember the Rolls-Royce maxim sometimes taking another view of the market you work in can yield real insights. By helping your customers look at security from their core systems outward, you can both benefit.
Jason Holloway is UK MD of ExaProtect. ExaProtect a market creator and leader in Core Security Event Management (CSEM) monitoring, interpreting and reporting on the security of core business systems and the corporate information they contain. ExaProtects solutions gather security information from all enterprise systems and combine this information with business process rules. This intelligence gives the organisation a realtime, end-to-end, prioritised view of the behaviour and security status of key business assets. It gives companies a complete, auditable solution for analysing and responding to any unwanted changes or attacks on core systems and information.