Archives For access assurance

Shooting in the Dark

February 10, 2011 — Leave a comment

Yesterday I mentioned Covey’s second habit – Beginning with the end in mind…how does this work in practice?

When planning a sales call, “the end”, or meeting outcome must be the first consideration!  Doing otherwise wastes both yours and the prospects time.  What should the call outcome be?  Almost every company I work with can tell me what tends to lead to a sale.  For instance, last week I was speaking at a software company’s partner summit.  They quoted a statistic showing that ninety percent of their “Proof of Concept” initiatives lead to a buying decision.  In another national sales meeting I spoke at, an access assurance company presented a similar statistic.  One reseller client I work with on quarterly marketing events says that he closes follow-on projects for ninety percent of the complementary assessments he offers.  With this in mind, they are generally able to quantify what qualifies their proof of concept effort, who should be involved, and how to run the program.  This is the goal, to get to this point with these people.  On the other hand, my non-scientific surveys show that companies are closing about ten percent of their proposals; even among companies who have shared their key to success as stated above.  What that tells me is we are writing the proposals before getting to that predictable key point in the sales process, or we just have not identified it yet.   If you don’t know the end goal, you’re just shooting in the dark.  If you do know it, you may be wasting great opportunities.

© 2011, David Stelzl

This time it’s a case of shared passwords…another case for stronger authentication.  SC Magazine reported late last week on a loss of data containing all kinds of information including people’s social security numbers (Lincoln National in Radnor, PA).  This type of information requires stronger protection than a simple password, yet companies just keep going with their outdated security models.  Use this article to show your clients why they need to invest in strong authentication methods using tokens, one time passwords, dual authentication,…etc.  Especially when dealing with financial institutions or health care, you can’t depend on employees to manage their own passwords, and in this case the passwords were shared – a clear violation of any federal security regulation or best practice in security.  Did the executives of this firm know this was going on?  Probably not – this is why it is essential to involve asset owners in the security discussion.  Custodians are not liable and have not been successful in getting their management to understand the issues that create security budgets for this type of thing.  Read more on the SC Blog.