Security integrators and resellers are being challenged by the constantly evolving threat landscape, and at times find it difficult to satisfy a customer's security needs. The threat environment requires more depth than traditional endpoint or Web gateway protection provide, in most cases.
Channel partners can provide an important value-add by helping customers first understand which threats are relevant to their business, and then combat those threats with the proper mix of endpoint, gateway and data protection products.
This checklist can be used to help determine what threats are relevant to your customer's business:
Is the customer currently doing, or planning to do any of the following:
- Maintaining credit card or patient health records: If so, the customer should be thoroughly familiar with the Payment Card Industry Data Security Standard (PCI DSS) for credit cards or the Health Insurance Portability and Accountability Act (HIPAA) for health records. In both cases, achieving compliance is not the end of the story. Since both standards are continually updated, channel partners specializing in customers with PCI DSS or HIPAA requirements can be a valuable resource and
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
- keep customers informed of upcoming changes and tightened requirements, while helping them plan required upgrades.
- Moving some processing to the cloud: Cloud computing imposes a new set of security challenges. Review issues, such as data protection, access control and vendor management, with the customer and plan for how to address them.
- Using virtualized servers and networks: If so, applications and data that formerly resided on a restricted set of devices may now be moving from device to device as processing loads vary. Network security tools must be upgraded to deal with the increasing complexity.
- Has virtualized end nodes: Most customers maintaining wireless networks have already upgraded to WPA2 and understand the need to scan periodically for rogue APs. But now the move to end node virtualization creates another avenue for hackers. Virtualization features such as Windows 7's Virtual WiFi Adaptor enable an end node to function simultaneously as a client and an AP and act as a bridge from a hacker's node into the enterprise network. Customers need to upgrade to wireless protection devices that can detect this type of attack.
- Is publically traded or about to go public: Public companies understand the need to strictly limit access to financial information. But an idle remark on Facebook, such as, "We've been working overtime for weeks, got a big flood of orders." can reveal that the quarter will exceed expectations. Employee training is the key to avoiding these situations.
- Provides website access to internal records: Any site with an interactive interface to sensitive internal data must maintain an intrusion prevention system (IPS) to guard against attacks such as cross-site scripting and SQL injection. A site that provides only public information, such as descriptions of products, does not need to install an IPS but may still require defense against denial-of-service attacks.
- Allows remote access by employees: Do employees take laptops out of the building? Remote access, whether from employee-owned workstations or company-owned systems requires VPN software on workstations and on the internal host receiving calls. A network access control (NAC) solution is also required to protect against viruses picked up outside the company network.
- Has replaced traditional phone service with VoIP: A customer with an internal Voice over Internet Protocol (VoIP) PBX must defend against eavesdropping and theft of service. Theft of service is the greatest danger. Hackers gain access to the PBX to make expensive phone calls that will be billed to the customer. In addition to measures to keep attackers out of the PBX, audit software should be in place to detect unusual patterns of calls. Overseas calls to places where the customer does not do business are an obvious tipoff.
- Is in a highly sensitive security environment: Defense contractors developing plans for new weapons are being continually attacked by extremely sophisticated hackers, possibly representing foreign governments. There are no specific compliance standards for defense data, but customers must deploy a variety of defenses and possibly most important, continually train employees to carefully limit access to websites while at work and to keep work and personal email completely separate.
- Is concerned about statements posted on the Internet: Channel partners can consider adding additional services such as scanning the Web, blogs and social networking sites for customer employee statements about their employer. Consider also offering to send targeted spam or make phone calls that would lead an unsuspecting employee to answer with non-public information.
Review evolving security threats with customers
After identifying and addressing the relevant threats, maintain an ongoing relationship with
customers. Periodically review the latest threats and develop plans to address them. Review how
changes in technology affect security. Employees who previously logged in from laptops via a VPN
may now prefer to log in from their smartphones. Can the same VPN solution be used? If not, what
are the alternatives?
Review changes that have taken place in the business or legal environment. For example, the recent health care law extends HIPAA requirements to business associates of health care providers. A firm providing data processing services to a medical office may not be aware that it is now subject to HIPAA compliance. Another data processing firm may previously have had no need to be aware of HIPAA, but now has taken on a medical office customer.
Review security procedures and staff training. It's easy to gradually relax the level of vigilance. Someone from outside the organization may be more effective in noticing that incidents are no longer being thoroughly reviewed or logs are not being kept up to date. New employees may not have been trained, and existing employees may not have received training on new product versions.
Opportunity knocks. The expertise you will develop in reviewing customer requirements and installing products can open the door to new services. While channel partners must today provide customers with more than endpoint protection, there is tremendous opportunity to broaden your skills, while dramatically increasing revenue potential and enhancing customer relationships.
About the author:
David B. Jacobs of The Jacobs Group has more
than twenty years of networking industry experience. He has managed leading-edge software
development projects and consulted to Fortune 500 companies as well as software
start-ups.
This was first published in September 2010