By Chris Doggett

malware-problem-solution

Most of your customers’ IT departments are fighting a battle against malware that is becoming more and more difficult to stop due to the proliferation and sophistication of attacks, the difficulty of responding to outbreaks, and managing complex systems in order to enforce security policy. How do you know? Just ask them.

One of the most important and powerful ways to establish the needs of your customers and identify the way that you can best create value is to ask good discovery questions. All too often, your customers are confronted with people who are trying to “sell them” on a solution, without understanding what their needs truly are. This seldom works, and results in customers being generally averse to considering alternative approaches and solutions, even if they are better.

The Search for a Better Way

On the subject of malware, it’s a safe bet these days that most of your customers have a need for a better approach. One that:

Start by asking them open-ended discovery questions and allow them to talk about how well they feel things are at present, and in doing so begin to uncover areas of need.  For example, ask them what their strategy is to prevent malware, how they are balancing the needs and desires of their end users with security, and how proactive and effective their current solution is at blocking malware.

As your customer describes the current situation for them, continue to probe and ask more specific questions about areas that they are not completely satisfied with, how they feel things should be different, and what the negative consequences of those pain points are for them and for their company.  In doing so, you will help your customer to define and quantify what the issues are that require solving now, and where the areas of highest value are that you can deliver today.

Common Challenges

On the subject of malware, common challenges IT departments deal with too often include:

Good probing discovery on topics such as these is not asking “do you have a problem with malware” (which most often will yield a simple “no”), but instead to ask your customer to describe how they deal with each of these issues when they occur.  Yes, you can assume one or more of these do at occur at some point, if not your customer is stonewalling (or you skipped a step), go back to the initial discovery questions.  Examples of this include:

Once the customer has established with you what their most pressing and urgent needs are, help them to identify and profile the highest value solution for them by asking them how things could be better and what would need to be different.  In developing this vision of the future, you are working with them to address their needs, and in doing so building credibility.  The best of all, they are selling you on the solution they need, instead of you trying to sell them on a product’s features and benefits.
When you’ve reached this point, you will have:

In doing so you will have earned the right to present your solution offerings, you will have provided the customer with valuable consulting (differentiating yourself from your competition) and you will begin negotiating in terms of value, not price.

Next Steps

In the next installment in this series we’ll take this approach further, examining in more detail:
•    the commonly required capabilities for malware protection,
•    what some of the measurements of success your customer may want to use are,
•    what some of the best-in-class products are to meet these capabilities
•    and where in the value-based process to engage your vendor partners for success

In the meantime, good selling!

Note: This article is the first in a monthly series on the topic of security and a value-based approach to solving your customers’ problems.

Chris Doggett is director, global channel sales at Sophos. Guest blog entries such as this one are contributed on a monthly basis as part of The VAR Guy’s 2009 sponsorship program.