Security on the rise

By David Binning on May 16, 2005 3:19PM

Rapid proliferation of affordable bandwidth throughout the home and businesses coupled with the surging ranks of online crooks and vandals has created a global security headache that was unforeseeable even two years ago. These days, for instance, it’s assumed that an unprotected computer has only a few minutes alone on the internet before being visited by something or someone with less than good intentions.

And while large organisations are spending more and more to protect themselves, the lower tiers of the business world are still trying to understand what the threats actually are, let alone develop proper strategies to counter them. For the Australian channel, these factors have created enormous opportunities to develop more services-oriented business models for valuable new annuity streams.

According to Wendy O’Keefe, managing director of LAN Systems, the security market presents massive opportunities for growth, provided suppliers know how to handle it properly. "We’re in security because it’s a growth environment -- 50 percent of CIOs say that they’re spending money on security."

She adds, however, that unlike most other sectors of the industry, security is all about interdependence between different partners and different technologies and that striking the right balance here is the key differentiator of success. "It’s like imagining all the skittles in bowling -- you need to have all 10 in place before you start," O’Keefe says.

RSA Security, long viewed as a leader in identification and authentication, sees security as being as much about improving productivity as anything else.

RSA Australian channel manager Chris Wood says the veritable explosion in passwords and user names that individuals and their employers now need to manage presents great opportunities for companies to develop a broader understanding of their clients’ needs beyond just telling them what they need to fear. "Single sign-on, for instance, is purely a productivity tool and an example of security as an enabler, rather than being -- as most people tend to think -- another bolt on the door and another key that they have to carry," he says.

A major area of concern, especially within the corporate market, Wood adds, is the development of more sophisticated authentication systems.

"Companies need new layers whereby people’s identities are actually verified rather than merely recognising a registered entity," he says, adding: "There’s no point in having all these checks and balances if you have weak authentication."

LAN's O'Keefe: Security about interdependence between partners and technologies

David Stevens, managing director of Sydney-based reseller and ISP SecureTel, believes that one of the biggest misconceptions about security in the channel is that the supposed kudos attached to any particular vendor or product will actually translate into business. "One of the great myths that exist in the channel is that you can create trust in some sort of magical fashion when really it’s about doing a great job and developing strong relationships.

"I don’t think hanging your shingle on the door [which says] 'Buy a secure connection here' is going to cut it."

This fact, he says, has created a fair degree of tension between vendors and suppliers in this highly competitive space.

"You get the trust relationship by selling the client what it wants, not what the vendor wants," Stevens adds. "But vendors don’t really want this because it takes the focus off the technology."

SecureTel started out as an ISP and also acts as a reseller for services like PBA’s (Personal Broadband Australia’s) iBurst.

On the security side, the company offers a wide range of technologies that form part of an overarching managed service, configured so as to appear transparent to the user. "We’ve made security like a utility: it’s a plug in the wall," Stevens says.

SecureTel hopes to see big opportunities with the growth of wireless communications in Australia, especially in non-proprietary, and therefore riskier, areas such as Wi-Fi.

According to Scott Frew, director of Firewall Systems, the channel has an opportunity to take a second bite of the security cherry in Australia, having learned that the business does not need to be as complicated, or more importantly capital intensive, as once thought.

"Resellers that were security experts have gone by the wayside over the past five years," he says. "They failed because they built these huge operations centres but weren’t able to get a return on their investment."

Also, the fact that smaller businesses are increasingly exposed to the same threats as larger organisations has created new opportunities for channel companies to develop clever solutions that are not prohibitively expensive to buy or deliver.

RSA's Wood: Develop a broader understanding of client's needs

"History shows that companies have been just dropping firewalls in then walking away, when it is known that vulnerabilities can appear literally in minutes," Frew says.

"What we’re trying to say is build services and products that protect the network against things that haven’t been invented yet."

Chris Howells, founder of Australian modem company NetComm and now director of network access and security newcomer NetLeverage, agrees that there are huge opportunities in the small to medium business segment, especially given the rapid migration to broadband services like ADSL.

"You’ve got the situation whereby larger companies can afford to pay top dollar for top IT experts while the smaller companies can’t afford them and their directors don’t want to get involved," Howells says.

"This is despite the fact that the same people trying to break into Westpac are the same people trying to break into their networks."

According to Matthew McGlashan, a security analyst with emergency response group AusCERT, a key factor in smaller companies now being more exposed is that security is yet to become part of the normal evolution of a business in the same way as, say, staff naturally are.

"Many small businesses are at the stage where they need to expand their infrastructure, which presents new risks that many are not even aware of," McGlashan says. "You’ll often find small businesses are much more focused on expanding their business in a business sense -- such as getting more staff -- than looking at their infrastructure issues."

There is nothing new or unusual about this but as illegal online activity continues to rise and its perpetrators become cleverer, businesses at certain stages of development may find themselves in real trouble.

"The greatest difficulty is with companies that have expanded to the point of needing more IT support and actually being able to identify problems," McGlashan says.

Hackers and the like are also more motivated by financial rewards than they used to be, which has led to a surge in activities like ‘phishing’ to illegally obtain details such as banking account numbers.

"Security is a strange market," according to Andy Solterbeck, general manager of the security division of ASX-listed technology company Senetas and IT Security Forum board member.

"What usually happens in IT is that something comes along and a whole lot of point companies develop IP before a big company comes along and tries to develop the one over-arching solution," he explains. "You can’t do this in the security market."

Well not yet, and certainly not when it comes to larger companies in the finance industry.

Solterbeck says that the main concern at the big end of town is developing security strategies that are aligned with corporate compliance and other standards, but that this is not a simple task.

"The challenge for financial institutions is how to build a security environment that allows them to meet their security compliance obligations while trying to build best-of-breed solutions -- they are going to find this quite difficult."

SecureTel's Stevens: You get the trust by selling the client what it wants

There have been some startling examples recently of the sorts of threats facing larger organisations, not least of which are cybertracking devices that have been found on points of public and private communications infrastructure in the US.

These devices are capable of reading data directly from cables and can be bought on eBay for as little as US$1000.

"Suddenly the ability to encrypt at high speed with no latency has come to the fore pretty quickly," Solterbeck says.

But while the big private organisations have been the major targets of illegal online activity, other segments of society and the economy are finding that they too are being infiltrated, AusCERT’s McGlashan says.

For instance, it is expected that the expansion of online services throughout the public sector will present a whole swag of new IT security challenges for government departments as they struggle to manage and secure swelling amounts of sensitive data. 

"It [hacking] is not just happening to customers of banks; it is increasingly happening to customers of other industries," McGlashan says. And hackers are getting a lot smarter. "Organised crime has worked out 'Why bother attacking companies directly -- just work out their weak spots'."


How creative

According to Andrew Trickett, founder of IT security consultancy CyberInquest, there is a degree of complacency on the part of organisations that having a security product will keep them safe.

He says that proper security strategies should be built on the assumption that the ‘cleverest’ threats are likely to be the most creative.

Firewall's Frew: Companies have been dropping firewalls in and walking away

"Some of the best hacks that have been done have exploited things that just weren’t considered beforehand."

One emerging area that organisations should consider, Trickett believes, is the security of VoIP calls. While he cautions against any need for ‘mass hysteria’, there are cases where large organisations especially should take care to ensure that calls are not able to be intercepted within their own network architectures.

For instance, it is quite easy to intercept a VoIP call using only a simple packet-capture tool, providing the hacker is on the same LAN as the caller. This could present problems to organisations with thousands of staff making VoIP calls.

"It’s certainly very easy to intercept an unencrypted VoIP call by someone actually on the network, and then store and play back that call," Trickett says. "In the same way that organisations should try and protect sensitive data or emails, they should also take steps to secure VoIP."

Internet Security Systems (ISS) Australia managing director, Kim Duffy, says that his company was one of the first in the intrusion detection game and is currently moving towards perfecting what it calls ‘The Universal Agent’, a solution for detecting vulnerabilities before the hackers do, so that threats may be more effectively pre-empted. "Before the Slammer worm appeared, we knew it as 'vulnerability x'," Duffy says.

In common with most of its peers, ISS also sees the channel as an essential component in the marketing of IT security solutions.

"They represent one of the fastest growing areas of the market therefore we want to be involved -- we have found that the knowledge within the channel has been increasing very rapidly."

"The reason why security has become so serious is because more and more devices have become connected to each other," says Ross Fowler, Australian managing director of Cisco Systems.

As the company that owns most of the networking equipment behind the internet, Cisco takes its responsibilities very seriously, spending around 10 percent of its entire $US3 billion annual R&D allocation on security.

"The way that threats are evolving means that organisations have less and less time to respond," Fowler says.

Cisco’s response to this problem is a strategy it calls the ‘Self Defending Network’, which is designed around the concept of automated, end-to-end systems rather than a series of point solutions.

The company has also invested heavily in educating its channel partners about issues such as how to align security strategies with international standards such as ISO17799 at the corporate level.

Also, no less importantly, how to actually use the equipment. "We often find that there are key security settings that customers haven’t even turned on," Fowler says.

The industry’s other giant, Microsoft, says that it is ramping up its efforts to improve security as well as awareness of security amongst its customers and channel partners in Australia.

According to Microsoft’s head of security awareness in Australia, Ben English, the company is spending around half of its $US6 billion annual R&D spend on security. "What we’ve seen is that the number of vulnerabilities in the code is decreasing fairly rapidly -- the ability to exploit them is more difficult," English says.


Two by two

Network Box director Andrew Tune views the security space in terms of what he dubs the ‘Noah’s Ark’ syndrome, whereby a security supplier inevitably ends up having to manage its solution alongside its predecessors.

"We’ve even heard stories of managed service providers looking after more than 30 clients with as many different applications," Tune says.

Senetas' Solterbeck: Concern that strategies are being aligned with corporate compliance

It is this chaotic approach to IT security that Network Box markets itself as solving in the Australian marketplace, largely through a dedicated and remote managed device/services model that requires very little if anything from the customer while they are left in little doubt as to what exactly they are getting.

"Clients often believe that when a company says it will take care of their firewall, it means all of their IT security," Tune says, "when this may not really be the case."

The nature of internet threats today means that probably the most important part of any IT security strategy is to secure the network perimeter, continues Tune. The regularity of threats is such that managed services are often the best option for companies, especially those smaller in size. But the risk is often that a provider may only be checking a client’s network two to three times a week, often because they do not have a proper remote management facility.

"There are some very competitive players in this market but there are some cowboys as well, which is why there are so many opportunities here," Tune says.

IT security device vendor SONICWall claims to have revolutionised the network security space with its Global Management System (GMS). The company now has around 600,000 GMS devices in circulation throughout the world that are able to be managed simply and remotely by its 700 or so global channel partners.

According to the company’s director of product marketing, Sugata Sanyal, one of the greatest drivers of innovation for the company has been through the constant analysis and tweaking of solutions throughout the channel.

"Over the past 18 months, 75 percent of changes to GMS have come from the channel," Sanyal says.

SONICWall's Sanyal: Innovation through tweaking solutions throughout channel

Rich Hlavka with US-based Patchlink boasts that his company enjoys a very strong relationship with its channel, helped by the fact that the company models its approach on trying to be like Wayne Gretzky [American ice hockey player]. "He doesn’t skate to where the puck is, he skates to where it’s going to be."

Patchlink maintains one of the world’s largest databases of software patches (currently around 6000) spanning Windows, Linux, Mac, Unix and several other operating systems.

Helping to keep things up-to-date, over half of the company’s 200 staff are engineers. And because the service is subscription based, Hlavka explains, the company’s channel partners gain access to the most current patches, enabling them to develop strong ongoing annuity streams while looking like heroes to their customers.

"We can almost be an annuity to our channel with ongoing selling opportunities and recurring revenues," Hlavka says.

Scott McKinnel, Australian managing director of Israeli-based security company Check Point, says that the industry must move away from the old pattern matching techniques that characterised the early days of IT security, and that until very recently still defined the offerings of most of the major players.

"The degree of sophistication amongst hackers today is such that we are now dealing with threats that can attack actual applications," he explains.

"We are trying to educate the market of the need to approach IT security in terms of identifying the exception, rather than employing specific pattern matching as we have seen in the past."

But while the industry is in the process of making this transition, this is something that customers themselves need help understanding.

"The biggest threat is for companies that don’t have in-house expertise and aren’t even aware of their lack of experience," McKinnel says.

"They go to a mid-tier integrator and buy ‘a’ technology based on price or based on something they’ve read in a magazine."

Trend Micro Australia managing director Chris Poulos admits that companies like his have done very well with pattern-matching solutions, but that threats such as the Nimda virus that appeared some two years ago forced a major re-think.

"Most anti-virus companies were taken by surprise by the complexity of that worm," he says.

Like most of the major anti-virus companies, Trend Micro has moved away from purely pattern-based techniques, and is now focused on what Poulos describes as policy-based solutions, whereby customers and channel partners access frequently updated documents on the company’s website.

"We see the policy document as operating like a sprinkler system when a fire breaks out as opposed to pattern files which operate like a fire engine after the fact," Poulos says.

Continuing with the fire fighting metaphor, Poulos adds that one of the big emerging opportunities in IT security is handling patch management for small companies, which would otherwise find the experience like ‘drinking from a fire hydrant’.

Trend Micro’s Network Virus Wall is designed so that users are denied access to the network if their patches are not updated, taking the pressure off network administrators to do the policing themselves. The company recently sold its IP for this solution to Cisco, for incorporation into all of the latter’s hubs and routers.

Watchguard's Radavics: No real simple solutions

More generally, Poulos says that Trend Micro has a more focused approach to the SMB market, which is reflected in the company’s channel structure.

"Previously we were all things to all people with the channel but have now decided to be more customer segmented to recognise, for instance, that there needs to be a minimum standard in which SMBs can engage in security," he says, hinting that the company would soon announce a new channel program in Australia designed to address horizontal, rather than vertical markets.

A specialist at the low end, Watchguard Technologies claims to be the first company to have put a firewall in a box after perceiving very early on that the SMB market was being underserviced. The company’s products have therefore developed along the lines of easy-to-use interfaces, simple configurations and of course low cost.

The company’s managing director, Sven Radavics, admits that while this strategy helped the company to gain a foothold in the SMB market, the reality today is that there are no real simple solutions for IT security.

"In the early days there may have been a valid criticism that we weren’t granular enough -- but that has changed," he says.

Like Check Point’s McKinnel, Radavics believes that the trend of companies just buying something off the shelf is changing to create more opportunities for those in the channel offering more progressive solutions.

"Security is a process, not a product," Radavics says, adding that Watchguard has developed dedicated programs to help its channel partners manage the ongoing complexities of IT security.

If one thing’s for sure in this highly complex market though, there sure are a lot of experts.

"I think that if you got 10 IT/network managers together and asked them to define what a firewall does and then explain their purchasing criteria and what they think they’d achieve, you’d get a very interesting result," McKinnel concludes.
