Malware: Turning a Problem into a High-Value Solution
As a solution provider, your business is solving your customers’ problems in the best possible way, generating the highest possible value for them and in turn, for your firm as well. Today there is a pervasive challenge that is once again becoming increasingly painful for your customers: protecting against malware. The question to ask yourself is: are you proactively helping them address this in a way that creates value?
Most of your customers’ IT departments are fighting a battle against malware that is becoming more and more difficult to stop due to the proliferation and sophistication of attacks, the difficulty of responding to outbreaks, and managing complex systems in order to enforce security policy. How do you know? Just ask them.
One of the most important and powerful ways to establish the needs of your customers and identify the way that you can best create value is to ask good discovery questions. All too often, your customers are confronted with people who are trying to “sell them” on a solution, without understanding what their needs truly are. This seldom works, and results in customers being generally averse to considering alternative approaches and solutions, even if they are better.
The Search for a Better Way
On the subject of malware, it’s a safe bet these days that most of your customers have a need for a better approach. One that:
- is more accurate and effective,
- delivers more value while drawing on fewer resources,
- addresses one or more areas that are not adequately protected currently.
Start by asking them open-ended discovery questions and allow them to talk about how well they feel things are at present, and in doing so begin to uncover areas of need. For example, ask them what their strategy is to prevent malware, how they are balancing the needs and desires of their end users with security, and how proactive and effective their current solution is at blocking malware.
As your customer describes the current situation for them, continue to probe and ask more specific questions about areas that they are not completely satisfied with, how they feel things should be different, and what the negative consequences of those pain points are for them and for their company. In doing so, you will help your customer to define and quantify what the issues are that require solving now, and where the areas of highest value are that you can deliver today.
On the subject of malware, common challenges IT departments deal with too often include:
- cleaning up outbreaks,
- deploying and updating updates and protection,
- identifying and mitigating vulnerabilities, and
- maintaining compliance with policies and regulations.
Good probing discovery on topics such as these is not asking “do you have a problem with malware” (which most often will yield a simple “no”), but instead to ask your customer to describe how they deal with each of these issues when they occur. Yes, you can assume one or more of these do at occur at some point, if not your customer is stonewalling (or you skipped a step), go back to the initial discovery questions. Examples of this include:
- Describe your last malware outbreak, what happened?
- How quickly were you able to resolve it?
- How did your key stakeholders react during this time?
- What did it cost you in terms of time and resources?
- Were there other impacts to the business as a result?
- What would the impact to your team if it happened again?
- Are you personally at risk if things get worse?
Once the customer has established with you what their most pressing and urgent needs are, help them to identify and profile the highest value solution for them by asking them how things could be better and what would need to be different. In developing this vision of the future, you are working with them to address their needs, and in doing so building credibility. The best of all, they are selling you on the solution they need, instead of you trying to sell them on a product’s features and benefits.
When you’ve reached this point, you will have:
- identified an explicit set of needs to address the customer’s malware problem,
- built credibility with the customer by focusing on them and understanding what their situation is,
- and you will have set the stage for you both to map this to the best solution.
In doing so you will have earned the right to present your solution offerings, you will have provided the customer with valuable consulting (differentiating yourself from your competition) and you will begin negotiating in terms of value, not price.
In the next installment in this series we’ll take this approach further, examining in more detail:
• the commonly required capabilities for malware protection,
• what some of the measurements of success your customer may want to use are,
• what some of the best-in-class products are to meet these capabilities
• and where in the value-based process to engage your vendor partners for success
In the meantime, good selling!
Note: This article is the first in a monthly series on the topic of security and a value-based approach to solving your customers’ problems.
Chris Doggett is director, global channel sales at Sophos. Guest blog entries such as this one are contributed on a monthly basis as part of The VAR Guy’s 2009 sponsorship program.