Security: A Cuber's Paradise

By Tara Seals

No longer a simple question of adding a firewall to an Internet connection, network security has exploded into a multimillion-dollar market with more variations than a Rubik’s Cube. Solve the puzzle, and you could be on your way to lucrative opportunities.Threats to corporate networks are becoming more sophisticated, and simply installing firewalls and running antivirus software on the PCs wont cut it. Plus, with the widespread introduction of wireless cellular data connections at network speeds and prices that made them attractive for the first time to business users, the danger has snowballed. By 2006, two-thirds of U.S. employees will be mobile in nature, often working while on the road or from the home, according to IDC Research.Thus, a multilayered approach to security that goes beyond the network borders increasingly is in demand. The network no longer defines how information is accessed and secured; rather, the applications and users dictate how communications are conducted, says Matthew Kovar, Yankee Groups security solutions and services analyst, in a research note.To fully take advantage of opportunities in the market, resellers and service providers would do well to become security deployment specialists. Organizations are often on their own, selecting a range of point defenses available from a whole slew of vendors. Partners can light the way, laying out the safest path.The flagship area of Internet security from the beginning has been firewalls, and intrusion detection and prevention. If the firewall is the lock on the doors of the bank, closed circuit camera surveillance and recording is intrusion detection. Meanwhile, intrusion protection systems are the security guards in the bank that can walk over and stop threats.New intrusion detection signatures are being developed every day by hackers. Viruses constantly are changing. That means a basic challenge is maintenance a good consultative area for the enterprising VAR.Internet security content filtering, e-mail scanning and spam is another practice area. CPE at the customer site for centralized monitoring, software that runs on client devices and e-mail security appliances that combine virus, spam and content filtering in an all-in-one product are all options.Remote workers also can be threats. Teleworkers with unrestricted access to the Internet could unwittingly download a virus. Or, if a worker uses a home PC to do some weekend work, she may not have a VPN to connect to the corporate network, or she might not have updated the virus definitions often enough, resulting in corrupted files.More and more, mobility, too, is important. Infected smart phones, Wi-Fi form factors and other data-enabled wireless devices can spread a virus across the network through the terminal connection. Plus, the hacking community recognizes that the end device is the new key to gaining access to the enterprise network. A particular area of vulnerability is public hotspot Wi-Fi, where usability is the byword. From the providers perspective, tight security only makes it more difficult for users/buyers of their access to get connected. Thus, the local network within the hotspot is prone to data capture through tools, available off the Internet today, on a hackers PC. Further, if the device itself has shared drive or VPN access with auto-sign-in, the hacker could potentially gain access to corporate networks, proprietary information or intellectual property.To address any of these areas, solutions providers can take a single-vendor or best-of-breed approach, provide hardware or software-based solutions, or sell a managed offer. Forecasted by the Yankee Group to be a $3.7 billion market by 2008, managed security in particular offers a significant market for channel partners. This outsourcing option also provides for monthly residual income from the subscriptions. And, its a play that applies to a wide swath of organizations, from small to large. It simplifies daily security maintenance and updating for the business, and allows solutions providers to focus on layering in other functions and applications.There also are ongoing security assessments and professional services such as audits to consider offering. The Achilles heel for nearly every enterprise remains the potentially exploitable vulnerabilities that are not addressed by [network security perimeter defenses], writes Yankee Groups Kovar. Unpatched, outdated and misconfigured software is the choice target of hackers. A continuous assessment of not only external but also internal network and application infrastructure is necessary to identify vulnerabilities and mitigate them in a timely manner.Whether a small to midsize company with limited resources, or a large enterprise with various systems and thousands of users in multiple locations, businesses see security as a top budget item. And that means the decision to offer security is no puzzle for the savvy channel partner.