The never-ending security challenge... How do resellers stay on top?
In the constant battle to keep resellers out of customers' networks, how do resellers stay on top? Heather Wright talks to the experts about the future of security for resellers.
Security seems to be a constant journey with no end-point, always evolving as the baddies find new methods to try and extract information – and money – while vendors and the channel push to find new ways to secure customers.
And just as securing a physical building fully against burglars is not always completely possible, so it is with protecting your customers' networks – particularly when trends such as BYOD, mobility and the Internet of Things, are thrown into the mix.
“It only ever gets worse,” says Kevin Swainson, Connector Systems general manager for security and telecommunications. “You solve one issue with a patch until another one comes along. It's a moving target.”
“Securing the enterprise is never easy,” adds Klasie Holtzhausen, Symantec Pacific senior director for channel and commercial. “Fuelled by the heightened number of attacks and an ever changing threat landscape, this challenge has reached new levels of complexity.
“Given the rise in the BYOD movement and the proliferation of smart machines creating an Internet of Things environment, security is a buzzwod and a spending focus for many this year,” he adds.
“An increasingly complex online security landscape has emerged, due to the consumerisation of smart devices and data aggregation of connected devices.
“This is especially significant in New Zealand as we have a large appetite for mobile gadgets and data consumption. The lines between business and personal use of these mobile devices has blurred as more and more consumers use their personal mobile devices – PCs, laptops, smartphones, tablets – for work-related activities.
“What is alarming is that users aren't recognising the importance of safeguarding their mobile devices. The security threat is further exacerbated when companies do not have policies in place around the use of personal mobile devices, putting both employees and companies at greater risk,” Holtzhausen says.
He says the channel plays a critical role in helping businesses identify and mitigate those risks. And for those who can, there is money to be made.
A recent IDC New Zealand Asia Pacific (excluding Japan) mobility survey, which showed that 87% of New Zealand organisations are investing in mobile solutions to improve their customer experience, also showed that security remains the top concern in mobile deployment.
Adam Dodds, IDC New Zealand IT services research manager, says security is the highest area of focus regarding the enablement of mobility solutions, with a particular focus on network security, access and identity management.
"Organisations will live and die by the value of their information and how it is protected from others.
“Customers are willing to share more information about their location, preferences and needs but will act with ferociousness if this is not treated with due care," Dodds says.
At RSA's recent Asia Pacific and Japan Conference 2014 Asia Pacific and Japan, mobile security was also a hot topic.
RSA says statistics it has collected show in 2013 27% of all transactions originated from mobile devices – a 54% increase year-on-year - and nearly 32% of all fraudulent transactions recorded by RSA originated from mobile devices in the first half of 2014.
Richard Booth, RSA fraud and cybercrime prevention business manager, says companies are facing challenges through accelerating adoption of mobile, in how to ensure trust in the mobile channel.
“The ecommerce and financial verticals in New Zealand beat Australia to the punch with faster payments, or real time settlements, but the pressure on business for fraud protection is pretty huge.”
He cites the APWG Phishing Activity Trends Report, which says the first quarter of 2014 saw the second highest number of phishing attacks ever recorded in a Q1.
“While you get more advanced attacks like mobile malware, phishing is still a threat too.”
Year of the mega breach...
Meanwhile, Symantec's 2014 Internet Security Threat Report shows 2013 was a watershed year in breaches, ushering in the era of 'mega breaches', or breaches exposing more than 10 million identities. While only one such breach was reported in 2012, that number jumped to eight in 2013.
“More than 552 million identities were breached in 2013, putting consumers' financial information, birth dates, government ID numbers, home addresses, medical records, passwords and other personal information into the hands of cybercriminals,” Holtzhausen says.
He says the change in the threat landscape can be attributed to an evolved approach by cybercriminals, in part due to the potential and significant payout of mega breaches, with one breach possibly worth 50 smaller attacks.
“The potential for huge paydays means large scale attacks are here to stay,” he adds. Holtzhausen says there has also been a distinct shift in the behaviour of cybercriminals.
“In 2013, targeted attackers shifted away from the common 'spray and pray' approach toward longer and more targeted attack campaigns.
“This means that attack methods are conducted in a 'low and slow' approach, a sign that user awareness and protection technologies have driven spear-phishers to tighten their targeting and sharpen their social engineering.”
Holtzhausen says the average attack campaign can now last three times longer, contributing to the overall efficiency of the attacks.
“To increase the rate of success, attackers also consider the impact of real world social engineering, which combine virtual and real world attacks.
“The channel plays an important role in helping businesses identify and mitigate security risks across their business as the security threat landscape continues to evolve.”
Swainson says a key trend being seen at the moment on the technology side, is the move to put 'more and more services into one box appliance'.
“Larger organisations of 1000+ or even 500+ might have multiple appliances and servers doing different things, but there's definitely a move to bolt more services in the one appliance [as a next generation firewall].
“It's something we've been seeing for the last three or four years.”
Swainson notes that a multi-layer posture for security is 'still the best practice'.
He notes too, that many companies are still needing education about security practice, and cites the example of a 150 seat customer with a fairly complex network which had 'some absolutely fundamental security flaws in opening up parts of their network'.
Of course, some vendors say the 'best of breed' approach remains the best option, rather than putting all your eggs – or your customers to be more specific – in the one basket.
“It's six of one and half a dozen of the other,” Swainson says. “If you have two appliances from two vendors, you've got two different things that can fail and two different people to speak to to sort out things when something does fail.
“But if you've got a single device and it fails... So you've got to make sure whatever solution is in place is built with a full understanding of what your customer needs and what's most important to them.”
Swainson says with the increasing complexity of the security landscape, there is a move to – and a need for – more specialised resellers.
“They need to be fairly tech savvy engineers, not generalists, and there definitely are more specialist security resellers now where all they do is security.
“One of the challenges is to have in-depth knowledge, and it can be difficult making sure staff are skilled up and have the knowledge and ability to recommend the best solution for a customer. It's like virtualisation as a technology segment. Not everyone is specialised enough.”
Swainson says just because a reseller doesn't have specialist security services shouldn't rule them out. Instead, he advocates resellers – who often have very strong relationships with their own customers – partner up with security specialists to bring in the necessary skills as required.
Swainson says there's also plenty of opportunity for resellers who carve out a niche in security to offer a fully managed security service.
“It takes away all the pain and grief the end customer doesn't want to know about, and in a way their business can afford through monthly charging. It's a huge opportunity.”
He says one of Connector System's partners now manages 1000 discrete connections for customers.
“If you can build the framework of expertise and get the right price point you can carve out the right model.”
While trends such as mobility, BYOD and cloud may be presenting security challenges, they're not alone. Swainson says increasing network speeds are also driving up the ante.
“Very high speed networks, such as VDSL or, if you're lucky enough fibre, offer great capacity to do remote offerings, whether cloud or data centre, but also opens up a huge challenge,” says Swainson.
“As customers get bigger set of pipes, they are opened up to more and more data, more and more diverse applications, social media left, right and centre and a raft of cloud services. And with that, comes lots of potential to come into contact with people who want to take advantage,” he adds.
Even on the home front, customers are facing increased threats as improved speeds – driven even more by UFB – see increasing data consumption.
Swainson cites his only family as an example, noting their data consumption is now almost one terabyte a month.
“And there are a lot of nasty things out there. The only safe network is one with no connection with the outside world,” he notes. Of course, that voids much of the point of a network, so balance is critical, he adds.
So how do you strike a balance? “You need to monitor customers and be constantly reviewing their security. You can't be paranoid, but you also can't be complacent.
“Security is an ongoing challenge. Some companies think 'oh, we put in [our security] a year ago, so we're ok. But it needs constant reviewing.
“The reseller opportunity is huge, with ongoing support, maintenance and management.”