5 Channel Ops: Be ‘Resilient,’ Watch Security in 2016
Traveling abroad for the holidays? Verizon this week announced TravelPass, a service that allows you to use an existing talk, messaging and data plan while traveling abroad for $2 per day, per line in Canada and Mexico, and $10 per day in the other 65-plus TravelPass countries, charged only on the days you use it. International services must be activated on the account to ensure your plan is configured to make and receive calls while overseas.
Also, have you checked out our new partnership with the 451 Alliance?
Resilient Signs Deals With IBM, HP
When it comes to cyberthreats, Boston-based Resilient Systems is firmly on team respond and mitigate rather than just focusing on prevention. Resilient has a string of “cool vendor” award wins, and cryptography and security expert Bruce Schneier is its CTO. The company has closed more than 100 new deals through the channel this year, and its channel program has grown to 40 partners in 19 countries.
This week, Resilient announced that version 24 of its Incident Response Platform now features built-in integration with IBM’s X-Force Exchange threat intelligence feed; with that, more than a dozen threat-intel sources are supported out of the box, and customers may also add proprietary and specialty feeds. To make sense of all that data, version 24 also integrates with HP’s ArcSight security information and event management system.
Resilient CEO John Bruce told me that the Incident Response Platform is suitable for all-size companies, and channel interest is growing. “From global enterprises to small businesses, resellers, partners and managed service providers, we’re quickly becoming the standard way to improve resilience to security threats and business crises,” said Bruce. “To meet growing interest and demand, it’s important for us to have a strong network of channel partners. That’s been a major focus for us over the past year, and the increasing business we’re doing through the channel reflects that.”
Other enhancements include LDAP support to manage and authenticate users from within Active Directory and a new email parsing capability that enables the IRP to extract information from emails to populate fields within the system, and then take action if needed. There’s a special focus on helping law firms develop comprehensive incident response practices.
In a nutshell, an incident-response program is all about being prepared and vigilant. Systems like Resilient’s IRP enable IT or an adviser to sketch out possible attack scenarios, taking into account compliance and vertical/industry considerations, then run drills so everyone knows exactly what to do when things get real. As the saying goes, train hard, fight easy. Once an incident is detected, the IRP system provides an automated way to assign remediation tasks, report on progress and status, and correlate data from other security tools. After the fact, it helps assess lessons learned and deliver evidence to the authorities, where appropriate.
If it’s November, it must be prediction time. Let’s look at a four new and notable 2016 outlook surveys.
2016 Threat Predictions: Buckle Up
Intel Security this week released its McAfee Labs Threat Predictions Report, in which 33 of Intel Security’s thought leaders discuss what’s coming at us next year and look ahead to 2020. The report is well worth a read; observations relevant to channel partners in 2016 include:
- Sneakier ransomware: Researchers predict that new stealthy variants will surface that silently encrypt data over a period of time. These encrypted files will be backed up, and eventually the attacker will pull the key, resulting in locked files both on primary storage and in the backup.
- More spending on security: Intel/McAfee expects overall security investments to rise in 2016 for most businesses. They advise organizations to spend their money not just on technology, but also on more training and awareness services and personnel.
- Employee-owned systems targeted: In 2016 researchers “expect to see at least one, if not more, major attacks that start with an employee-owned system or a company system that is in an insecure location, such as a hotel or coffee shop.” This should be a motivator for customers that have resisted mobile device and application management systems (see 5 Underrated MDM Selling Points).
The bulk of the report looks ahead to 2020 and focuses on not just threats but how the industry will meet security challenges, including difficult-to-detect attacks, exploits targeting IoT and wearables and the dark side of cloud — that attackers will target large public cloud infrastructure providers because they can jump laterally among customer workloads, and that they will use public clouds as bases of operation.
What’s the FBI going to do, shut down AWS?
Unfortunately, security pros equipped to tackle this cornucopia of misery are in high demand just as the skills shortage is coming home to roost.
Staffing: Show Us The Money?
If you see a lot of new faces at customer sites – or in your own offices – blame that skills shortage. The 2016 Harvey Nash Technology Survey analyzes data from 2,959 IT pros from 30 countries in specialties ranging from software engineers (10 percent) to C-level technology leaders (nine percent). This is the fourth year for the survey, and salary is now the No. 1 motivator for changing jobs, cited by 77 percent; work/life balance falls to second, with 72 percent. Globally, 53 percent of technology hiring managers reported skills shortages in 2015, up from 51 percent the previous year. Four in 10 technologists surveyed changed jobs this year, and 37 percent received 10 or more inquiries from headhunters.
“The IT skills shortage is dire, and we are seeing companies compete more than ever for this talent,” said Harvey Nash USAPAC president and CEO Bob Miano in a statement. “The technology career is changing rapidly: it’s mobile, flexible and entrepreneurial. The companies that embrace these shifts will attract and retain the best talent and successfully ride this technological wave.”
For partners, this represents both opportunity and risk — new CIOs may want to bring in their own partners, and entrepreneurial former wage slaves represent competition.
However, for most, a dearth of expertise opens up profitable possibilities for solutions providers with skilled people and the ability to keep them. Fortunately, Michael Bremmer, CEO of TelecomQuotes, says retaining staff is about more than money.
“If you’re ‘buying’ people with salary, that is bad policy because they’ll just go to whoever offers them more in the future,” says Bremer. “What you really want are the ‘lifers,’ people who you pay well and who believe in and love their jobs. It’s much less expensive to create a culture that retains people who want to stay for more than money.”
And in fact, work/life balance was only a few percentage points behind salary in the survey. As Bremer points out, “all the money in the world doesn’t get me to my little girl’s recital or my son’s baseball game. Create a culture that allows that flexibility and salary demands won’t be as much of an issue.”
2016 Trend Watch: Mobility & NFV
Red Hat this week released some results from its October mobile maturity survey of 200 IT decision-makers from private-sector organizations with at least 2,500 employees across the U.S. and Western Europe. Most respondents, 90 percent, say they’ll increase investment in mobile application development within the next 12 months, and not by a small amount — the average projected growth rate was 24 percent. Respondents plan to develop, on average, 21 custom apps each over the next two years.
What dev skills do you need to capture some of that business? One-quarter (26 percent) of respondents plan to primarily use Node.js as their language for back-end development within the next two years, while 15 percent plan to primarily use Java and 19 percent favor .NET. Currently, 71 percent of respondents primarily use Java, while 56 percent use .NET.
OPNFV and Light Reading surveyed over 200 telco and service-provider professionals to see how the platform is helping advance network-functions virtualization projects. AT&T, Cisco, Dell and IBM are among OPNFV’s platinum members, with CenturyLink, Spirent, Sprint, VMware and others also on the roster. The poll results are positive overall: Eighty-six percent of telecommunication professionals surveyed either strongly or somewhat agree that OPNFV will accelerate the adoption of NFV in the industry. The biggest benefits cited are easier integration (74 percent) and more rapid development (62 percent). Nearly 60 percent are actively exploring NFV, with 19 percent indicating their organizations are in full NFV deployment.
Striking another blow for standards, the Telecommunications Industry Association announced that it will launch in early 2016 avendor-neutral interoperability testing lab for NFV technology.
CenturyLink isn’t waiting. It’s pushing ahead with software-defined networking (SDN) and NFV, announcing this week that it’s selected Nuage Networks to provide networking functionality for the CenturyLink Programmable Services Backbone (PSB) network architecture, an open, software-enabled platform for delivering services to CenturyLink’s enterprise and SMB customers at any time regardless of their location. In the coming months, the company will begin deploying a range of virtualized data and voice infrastructure services, including customer premises endpoints.
Bill O’Brien, director, network strategy and development for CenturyLink, told me that the long-term intent is to allow partners to consume network services similarly to how customers consume any cloud service, via robust APIs and portals. “The API capabilities will grow over time, enabling partners to compose and adapt network services,” said O’Brien. “We’re very interested in working with partners to help identify and prioritize these capabilities.”
Riverbed Updates SteelCentral
Riverbed Technology announced this week enhancements to its SteelCentral platform, which pulls network end user and application performance monitoring into a single UI.
Riverbed is 100 percent channel, and Nik Koutsoukos, VP of product marketing for SteelCentral, told me that the new features are about improving integration across the modular platform while enhancing end-to-end application transaction monitoring. When a customer or an end user complains that “the app is slow,” the root cause could be anything from a downed server to network latency to the user’s device. Koutsoukos says SteelCentral takes a broad approach to application performance management by watching everything, all the time (short version) and closely monitoring the end-user experience.
For partners, he highlighted a few points. First, cloud gives new urgency to monitoring. Your customers are under pressure from the business to use SaaS, for savings, but IT is afraid they won’t be able to maintain service standards. Second, point tools aren’t cutting it. “Today enterprises have literally dozens of systems monitoring individual domains independently,” he says, and all that licensing money could be better spent.
In addition, it’s always better to be predictive than reactive, especially when that insight lets you sell more bandwidth and circuits. SteelCentral can analyze potential bottlenecks and warn IT before users see degraded performance.
SteelCentral pricing starts at $20,000 list and increases as the monitoring environment scales up. It’s not inexpensive, and the product is traditionally targeted at large enterprises. However, Koutsoukos says Riverbed sees professional services as an area with growth potential for channel partners. “Architecturally, SteelCentral has multitenancy capabilities built-in,” he said. An MSP could provide professional monitoring services based on the SteelCentral platform. “Any deviation from peak performance has an effect on the business,” he says. “I have seen a trend that complexity is drifting down and impacting midsize companies.”
Indeed, slow is the new down — ask JetBlue or Southwest Airlines; both had system glitches this year that brought flight delays and cancelations, and plenty of negative media attention.
Bits & Bytes
Got legacy apps? Partner-focused cloud services provider dinCloud this week announced dinApp, an application virtualization platform that it’s positioning as an alternative to Citrix XenApp, VMware ThinApp and Microsoft App-V. Pricing starts at $20 per user per month based on the number of users and is a la carte. The dinApp services runs in the cloud on dinCloud’s secure servers and can be accessed by any physical or virtual desktop or mobile device, including Chromebooks, making it an attractive option for educational settings. Features include Microsoft Active Directory integration and the ability to run multiple versions of the same application at the same time, on any endpoint. dinCLoud positions dinApp as a way to deliver legacy applications that need older versions of Internet Explorer, and partner can explore white-label options. I’m told that dinCLoud has some nice back-end technology and service model, so check it out.
If you have retail clients, check out a new post from IT services firm Workflow Studios on What the Biggest Data Breaches in Retail Have Taught Us about Cybersecurity. It delivers lots of actionable information and some nice infographics for customers as we head into their biggest season.
Hewlett Packard Enterprise this week announced hardware priced for SMB customers’ budgets as part of the HPE Just Right IT Program. The entry-level ProLiant DL20 Gen9 rack-mount server and a ProLiant ML30 Gen9 standalone unit for small businesses and home and branch offices will be available on December 1 and start at approximately $660 and $599, respectively. HPE also announced new financing options, including subscription services, technology refresh, payment deferrals and pre-provisioning, available through HPE Financial Services. Find more info at the HPE Small Business Marketplace.
Finally, ever heard of Looker? It’s a data platform that launched three years ago and now had more than 400 customers including Uber, Docker, Warby Parker, Sony, Etsy, Avant and others. Technology partners include AWS, IBM, Microsoft Azure and Teradata. This week it announced Looker Blocks for Google BigQuery. Looker allows a partner or analyst to centralize massive amounts of data, creating a “single source of truth.” Then business users can easily and quickly hit that data store to ask and answer their own questions. The idea is to make big data analysis accessible to anyone within a company — without data scientists, who cost even more than security pros. The company has a partner program and is, well, worth a look.
Follow editor in chief @LornaGarey on Twitter.
