As back-to-school shopping levels off, your retailer customers’ thoughts inevitably turn to the holiday season. If your base includes local chains or specialty shops, check out this article by Evan Schuman on the best way for bricks-and-mortar stores to take on Amazon. TL;DR version: Exploit its two weak spots, delivery and live customer experience.

Security is also on consumers’ minds, and retail is one of the verticals we’re discussing in our Cloud Partners session titled “The Cloud Specialists Are In.”  Verizon’s chief security evangelist, Mark Rasch, will join a panel of your peers, moderated by me, to discuss the challenges around PCI and much more.

Sharing Is Good for Security

Speaking of retail and security, this week I spoke with Wendy Nather, research director of the nonprofit Retail Cyber Intelligence Sharing Center, or R-CISC for short. Membership isn’t limited to just stores. Airlines, telecommunications companies with retail locations, hospitality firms, casinos, fast food chains — the list goes on.

“Just about anyone who does a commercial service where there’s a transaction involved might qualify to be a member,” says Nather, who was previously research director of the information-security practice at 451 Research and a CISO in both the private and public sectors.

While there are currently no MSPs or MSSPs among the R-CISC ranks, Nather says the group is open to applicants, and that benefits flow both ways.

“Channel partners can obviously contribute a lot from what they see working with retailers, she says. “But it’s also a chance for them to learn about specific security concerns that retailers have.” Membership could help partners expand into that market or better serve existing customers.

Sharing is a vital and growing trend in security circles; the defense and financial services industries have been trading data on joint threats and attacks for years. Given the current security landscape, a group of top retailers threw money in a pot and said, “We need to do this too,” said Nather. Retail members include J. C. Penney, Lowe’s, Nike, Target and Walgreens. The center has working relationships with the Financial Services Information Sharing Analysis Center (FS-ISAC) and major retail industry groups as well as government agencies, including the FBI, Department of Homeland Security and DOJ.

“They can help reassure legal departments that it really is OK to share threat intelligence information,” said Nather.

She points out that sharing requires trust, and that trust tends to happen when people connect — a lot like partner/customer relationships. To that end, R-CISC sponsors for members live events across the country, webinars from security vendor partners on topics like POS malware, and workshop calls where members can talk frankly about specific challenges and share best practices.

“Our challenge is to get organizations to trust each other based on the relationships individuals have,” says Nather. In addition, she helps generate research and educational resources for members, including benchmarks and repots on emerging techs.

Besides charging a fee that starts at $2,000 and rises based on company type and size and membership level, the group encourages members to contribute intelligence as best they can.

“They’re at different levels of maturity and different levels of comfort in terms of what they can share,” said Nather. “For example, they may share something they are seeing but say ‘don’t attribute this to us.’ Members can submit anonymously. Analysts will remove data, like IP addresses, that might reveal who they are. In other cases we have very sophisticated retailers who are sending full threat intelligent briefs, almost branded with their name, on a daily basis.”

Right now the group, which is based in Washington, D.C., employs three dedicated security operations analysts who process data coming in from members as well as from federal agencies and a range of other threat intelligence sources. For information, drop Nather a line at [email protected].

Dell Touts Security Partner Progress

At its annual North American Security Peak Performance conference in Las Vegas, Dell announced strong growth in network security channel sales and introduced some deals for partners. The event drew more than 650 channel partners from North America and Latin America and was co-sponsored by Dell distributor partners Ingram Micro, Securematics, Tech Data, D&H Distributing, and SYNNEX.

Some numbers out of the conference: The number of deal registrations increased by 7 percent to more than 4,100 per quarter, while the number of partners submitting deal registrations rose by 12 percent, to 1,300 per quarter. Attendees saw 40 percent year-over-year growth and 33 percent quarter-over-quarter growth. In fact, upwards of 83 percent of more than 100 Dell partners participating in a recent survey say they’ve experienced an increase in sales of security solutions in the past year.

“It’s clear from our SonicWALL channel partners’ continued success that demand for network security solutions is stronger than ever,” said Marvin Blough, executive director of channels and alliances, Dell Software Group, in a statement. Larry Cecchini, chief executive officer of Dell partner Secure Designs, said SonicWALL revenues for his business increased by more than 650 percent in the past year.

Dell also used the conference to deliver its five best practices for securing the Internet of Things, saying IoT gives Dell channel partners an opportunity to strengthen relationships with customers by helping protect the organizational data created by connected devices. The common-sense steps, outlined here, focus on ensuring data is secured and encrypted, understanding devices and who owns the collected data, gauging the impact of IoT traffic on networks, setting up network segments or VLANs, and educating customers.

Cohesity Helps Storage Innovation Stick Around

Last week I covered a number of innovative storage providers. This week, storage startup Cohesity released results of a survey that illustrate why customers desperately need that creativity. The study revealed that nearly half of companies are doubling their storage spend every two years but have a hard time knowing whether that money is being well-invested. Other findings:

The top complaints, as you’d expect, are complexity and staggering volumes of data. This is nothing new. Partners who can help streamline storage will have an edge, but the hard reality is that simplicity is hard to come by. Cohesity’s pitch is to extend convergence into secondary storage. The company, which just exited stealth mode and is led by Mohit Aron, a veteran of Google and Nutanix, aims to fix the fragmentation and data sprawl in secondary storage “by leveraging a Google-like, Web-scale architecture to converge these data silos for data protection, development, and analytics onto a single, intelligent platform.” Short version: Stop managing a bunch of separate storage products and get very serious about deduplication. Cohesity is currently signing up channel resellers; a spokesperson says it’s operating on a 100 percent channel model with sales teams working closely with partners.

Oracle Looks to Catch a PaaS

Oracle’s new Cloud Agility study asked 2,263 employees working for large global enterprises about how cloud computing is affecting their companies’ agility, defined as the ability to seize business opportunities and get new products and services to market quickly. As my former colleague Chris Murphy writes in Forbes this week, “81 percent of employees consider it important or critically important for their companies to be able to develop and launch applications quickly. Yet 52 percent say they don’t have that kind of IT agility.” The most-cited business fear is that competitors will move faster. Oracle’s recommendation to gain speed is its Oracle Cloud Platform PaaS offering.

PaaS sales have lagged significantly behind SaaS and IaaS, and there’s no clear market leader, so it’s a sensible place for Oracle to try and capture mindshare. For partners, this is a relatively greenfield space with potential. IDC forecasts that the global public PaaS market will grow to more than $14 billion in 2017.

A PaaS is essentially a pre-packaged set of programming languages, application servers and databases – SaaS – running on a defined back-end architecture — IaaS. Developers write code in a language supported by the PaaS vendor and throw it over the wall. The provider worries about the mechanics of infrastructure and operations (security, backup) and supporting software, like databases. PaaS could be helpful for customers who need to deploy applications quickly (that agility argument), or that are supporting many legacy applications and want to consolidate. It can also accelerate a hybrid cloud deployment by enabling app portability.

When evaluating which PaaS vendor to partner with, ask about programming languages supported, the SLAs offered for the IaaS back-end, and operational elements like security and backups, because with PaaS, all your customer’s application eggs really are in one basket.

Bits & Bytes

HP Convergence: HP announced this week at VMworld a new converged architecture, delivered as one integrated stack by certified channel partners. Convergence is a new concept for some partners, so HP offers training covering both sales and marketing (how to identify and qualify an opportunity) as well as detailed technical education on how to build, configure, deploy and operate converged architectures, possibly via custom education at partner sites. In addition, HP provides technical support for partners throughout the sales and deployment process. Partners can pull customers’ existing HP gear into the stack, offering investment protection. For example, said a company spokesperson, if a customer has HP 3PAR systems installed, a partner can assess if this storage meets the requirements for Converged Architecture 700 before spending time on the sale; certified partners will have access to a tool that validates the customer’s gear meets the specifications. HP partners already certified on servers and storage and networking shouldn’t have much trouble getting the CA700 credentials.

Want more tech news out of VMware’s VMworld conference? Check out our wrap-up and image gallery.

Cisco and Apple: When you think about, Cisco and Apple aren’t such a strange pair. Both really like to control the end-to-end ecosystem, for example. Cisco CEO Chuck Robbins makes other comparisons in a blog announcing a deal to optimize Cisco networks for iOS devices and apps and improve iPhone compatibility in Cisco voice and video environments, including Spark, Cisco Telepresence and WebEx. It’s no secret that Apple wants more enterprise cred; it worked a similar deal with IBM last year. However, the announcement was conspicuously light on detail for Cisco partners.

Microsoft vs. The Feds: Partners who deal with public-sector customers should keep an eye on the fight Microsoft, backed by Apple, Cisco and many other tech companies, is having with the U.S. Department of Justice over the ability to protect customer documents from search and seizure. Bloomberg’s Dina Bass covered the controversy this week. The outcome could affect the future of cloud services — and your earnings. In a blog Wednesday, Microsoft’s Brent Combest, director of partner profitability and compete in the worldwide partner group, pointed out a study saying Microsoft cloud partners experience higher revenue growth and gross profit.

Webinar of the Week: Check out social marketing expert Evan Kirstel’s tutorial on how to use Twitter as a B2B sales networking tool to generate leads, partnerships and ultimately customers — including how to actually measure ROI, courtesy of Penguin Strategies. Word is Evan will be attending this month’s Cloud Partners in Boston; if you’d like an introduction or to set up a meeting, hit me up in an email or on Twitter.

Follow editor in chief @LornaGarey on Twitter.