IT Security: Follow Good Solutions with Good Policy

Providing reliable IT solutions from industry leading companies including Microsoft, WatchGuard, HP and others is important.  As the trusted IT provider for our clients, we deliver integrated solutions involving multiple manufacturers and products.  Our consulting services often accompany the solution.  Too often the process ends with an implementation that does not reflect the full potential of protection.  In the process of consulting, we will make recommendations that focus on best-practice security and protection of the customer environment. These recommendations need to translate to policy in the customer’s operation to deliver the final result.

This year is expected to show a continued increase of ransomware and other Internet “data attacks” that can leave a business helpless.  The end result of good security policy may be the determining factor in protecting your operation.  A typical scenario we encounter is during the implementation of a perimeter firewall.  Customers will perceive web proxy security (firewall filtering of web traffic) as a hindrance or inconvenience to their work.  They will decline our recommendations to use the proxy services which can block scripting and malicious site content.  This results in a good product followed by bad policy.

In a January posting, WatchGuard reported their results from surveying over 1,400 partners (view).  I interpret the results as an indicator many resellers face the same challenges in getting customers to adopt sound policies in their security strategy.  The survey showed 83% of resellers felt ransomware would be the prevalent concern of customers this year.  More startling is that 65% believe that some of their customers will pay for ransomware.  And, finally, 45% believe less than half of their customers have the proper resources in place to manage security alerts.  I believe this can be summarized by poor policy.

There are great security products in the market.  Our managed services program is based on 3 security principals: Network, EndPoint and Data.  Each of these areas requires top-down policy to support the capability of the tools we deploy in the customer environment.  If you want your resellers to respond more confidently about your security protection in the year ahead, listen carefully to their recommendations.  Most resellers are willing to educate customers on the features and benefits of security products.  The survey reported that nearly 80% of the resellers did not think their customers cared about the two leading types of network security products.  We have to take that as a challenge to educate and raise that awareness.  No one wants to be the next headline reporting years of data lost like a Texas Police Department (view).

Resellers, take the security conversation to your customers and translate the technology to good security policy.

Businesses, make the effort to understand the security options and think of protection in the layers relevant to your operation.