Home > RSS Feeds > Security
  • A new survey from CompTIA underscores the paradox that security solution providers across the channel regularly face. While IT security is a higher priority than in the past, nearly half the 500 IT security professionals surveyed said they believe their companies' existing security products and processes are good enough. At the same time, only about half said they are satisfied with their existing IT products and technologies. That would suggest that half the respondents are at least open to considering new IT security options. However, the biggest driver of changes in corporate IT security posture is not a security breach, but rather changes to IT operations processes. For solution providers, that means the best way to identify security opportunities is to track changes to IT operations in customer environments. In the meantime, it's also clear that many IT security pros are perhaps just a little too confident in their current skills and overall security posture. Unfortunately, it's only a matter of time before many of them face a rude awakening. We look at key findings from the CompTIA study.

  • Tech Data is homing in on security with a new business unit that aims to help solution providers navigate an expanding array of security products and services.

  • The growing success rate of cyber-attacks indicates that enterprises are open to security risks in Windows environments, according to a survey by ManageEngine, a vendor of network, server, desktop and application management software. The study, based on a poll of 327 IT administrators from organizations worldwide, finds that many of the attacks are centered on Active Directory and used to control access to the network and resources that aren't secured correctly by many organizations. Although the survey finds that organizations are paying attention to security for Active Directory, "Windows environments are far from being secure, and improved overall visibility is essential, according to Derek Melber, technical evangelist for ManageEngine and microsite manager of security hardening for Active Directory and Windows Servers. Opportunities abound for companies in the channel to play a role in developing solutions to give enterprises the knowledge and tools they need to monitor and mitigate security risks in the Windows environment. Here's a look at key findings from the study.

  • On average, organizations experience nearly 5,800 suspicious activities monthly, according to a recent survey from cloud security specialist CloudLock that analyzed the daily behavior of 10 million users, 1 billion files and 140,000 cloud apps. One of the biggest challenges organizations face with thousands of suspicious or unusual activities is determining which ones hold the biggest potential threats. The research offers a methodology designed to help security professionals focus on user activities that exhibit a higher level of threat. It centers on an adaptive security model that includes threat intelligence, cloud vulnerability insight, cyber research, community intelligence, centralized policies and contextual analysis. Organizations, particularly those that don’t have the internal IT resources, can work with service providers with a strong security practice to develop a program that pulls together all of these predictive and preventive capabilities. Channel Insider examines key findings from the study.

  • Intel Security is offering channel partners various incentives for selling solutions to customers rather than point products.

  • ANALYSIS: Many executives continue to believe that achieving one automatically assures the other. Here's why this is not the case.

  • New research points to increasing concern over IT security among finance and line-of-business executives. A survey of 1,014 senior finance and LOB execs conducted by Cisco Systems finds that not only is there more awareness of IT security within the context of digital business transformations, almost two-fifths report halting a project because of IT security concerns. At the same time, nearly a third said the main purpose of IT security is to enable business growth. While there is clearly still a long way to go in terms of changing business executives' perception of investments in IT security, solution providers across the channel should be heartened to see significant progress. In fact, Cisco claims to have identified 400-plus use cases that will drive $7.6 trillion in digital value globally over the next decade. Just as significantly, the Cisco study also notes that accountability for security is now moving outside the IT department, and that is why so many business executives admit it's now much easier to get funding for IT security projects. Channel Insider looks at key takeaways from the report.

  • IT professionals should not underestimate the importance of their business partners and suppliers' security standards, and need to make investments to protect their interactions with others in their supply chain, according to a study conducted for security specialist Tripwire by Dimensional Research. A lack of security at business partners and suppliers can have a major impact on a business' bottom line, ranging from a loss of customers to lower share pricing. While the majority of the more than 320 IT professionals surveyed are confident in their organizations' ability to protect sensitive customer data, nearly half said they are not confident in the security practices of their business partners and suppliers. Yet many organizations continue to work with partners and suppliers that fail to meet their security standards, and many don't evaluate suppliers to make sure they meet their security requirements. One of the biggest reasons respondents cited is a lack of resources. This is where channel partners can work with organizations to help them select products and implement procedures to mitigate security risk in the supply chain. Here are key findings from the study that show why IT pros should take seriously the business impact of security throughout the supply chain.

  • Successful channel partners will focus on three key areas—processes, skills and products—to ensure that they are well-positioned for new opportunities in enterprise security, according to a new CompTIA survey of 400 IT channel professionals. This translates into having the right expertise, resources, skills and mix of security tools beyond firewalls and antivirus software to engage in continuous security conversations with their existing and potential customers. The study, Security in the IT Channel, finds that a security offering is more than a simple production installation and is an ongoing process, thanks to new technology models that are changing how companies address security. "Security products alone aren't enough," said Seth Robinson, senior director, technology analysis, CompTIA. "New processes—risk analysis, compliance management and cloud provider evaluation—must be part of the security mix. Education of end users, the weakest link in the security chain, also requires greater emphasis." Channel Insider examines key takeaways from the study that offer insight into why channel partners must be more proactive in customer education as well as training and service management.