Adding Security to Managed IT

Security is the most important part of your managed program.

Last Thursday I spoke to resellers in Atlanta, sponsored by Check Point Software.  This all day event included several important updates for resellers on what to consider in your managed program.  Keeping patches up-to-date and backing up data is important, but just about any reseller can do this.

What Small and Medium Size Businesses are Missing is the Ability to Detect Security Issues  

Following my session, was an excellent overview on how Check Point manages security at the end node. Small businesses are not going to stop their people from using their own phones and tablets for work (BYOD).  So how will these companies stop all the mobile device malware coming out?  This is a perfect role for the future SMB MSSP.  Can your company detect when a mobile device has been compromised? Are you able to help your clients make sure unauthorized users are not connecting to their wireless network? What about monitoring their IPS or correlating their events and providing reporting to show attacks you are blocking?  It’s all about intelligence. Helping small businesses (the businesses most targeted by today’s hackers) detect when someone is trying to access their data, and then responding to stop it.

It’s Not Just Technology – Marketing Science I Needed

In my session I showed how resellers should market and sell this. Not all business owners immediately see the need. As an example, the event I did last week in Richmond had over 30 attendees – every attendee (with the exception on one person who left early) signed up for an assessment provided by the hosting reseller. But I can tell you, not all of these attendees thought they had a need when we started the meeting. It was only after they heard the message.

This is the place to start.  These attendees where business level people, interested in keeping their businesses safe and growing. Assuming they are pretty safe, their focus is on profit and growth.

They may not all need more security, but the assessment process we are using is designed to uncover urgent issues such as compromised end nodes. If we don’t find problems, they should just keep checking. But we almost always do.

I spoke with one reseller yesterday who performs several assessments every month. While just about every assessment shows urgent issues, his assessment-to-project conversion is only about 15% (Which is average for our industry). Something is wrong here. If all of the assessments reveal urgent issues, why is the conversion rate so low?  It’s the assessment process. It’s designed to uncover vulnerabilities, but not designed to convert clients.

In my session I reviewed how to move business people from thinking they are fine, to understanding the truth about security. From there, we talked about how to assess and convert, to help businesses take the right actions to keep their data secure. Once things are under control, the MSSP offering should be designed to maintain an acceptable level of risk.

Providing this to your customers will make you one of their most important strategic partners.

© 2015, David Stelzl

P.S. if you’re interested in selling more security, consider the Security Sales Mastery Program – contact us to see if your company is eligible for training sponsored by Check Point Software, or one of several other well known security manufacturers.