Hardware, software and services are, at their very core, merely tools to enable an end-user to perform his/her vital functions. But dealers are not merely tool chests of the physical and virtual variety, and security solutions fall even farther outside the chest. But as security goes, so does enablement.
The earliest iterations of security software certainly constitute tools. But the growth of cybersecurity intrusions has elevated management above all else. Herein lies the point of differentiation that fuels a true security solution. The more heightened the vigilance, the better the odds dealers can deliver on the managed security value proposition.
We’ll open September’s State of the Industry report on security with an overview of how dealers have been able to set themselves apart from their fellow providers.
The ability to respond to threat vulnerabilities on a 24/7 basis is the foundation for an effective security platform, notes Scott Anderson, senior vice president of IT for Kelley Connect, based in Kent, Washington.
“You have to be able to respond to known and unknown vulnerabilities, the things that endpoint security software doesn’t stop,” Anderson said. “The biggest differentiator is having a 24/7 security operations center behind the scenes that can respond to threats and vulnerabilities, and provide threat hunting. It has to be more than a tool or software installed on a device. That’s what we’re focused on, wrapping our services around our clients with the ability to respond real-time should any threats occur.”
Line of Business Leaders
Demonstrated expertise goes a long way, and that is one of the calling cards for St. Cloud, Minnesota-based Marco. The dealer was an early adopter in establishing a dedicated security team, driven by its desire to develop expertise in the myriad of vertical markets it serves, including health care, financial, state and local governments. The intricacies and regulatory requirements of a given vertical preclude a one-size-fits-all approach to security.
According to Marco CISO Mike Burgard, establishing those competencies helps foster confidence when the company pitches its value proposition. “When we’re engaging with a new client or prospect, one of the things we can do is pull in that expertise and have conversations about how we solve real problems in a cost-effective manner, and actually check the boxes in a meaningful and impactful way,” he said. “Not that we think we can check the boxes, but we know we can. We made the right partnerships, the right alignment, and we’ve focused on having our expertise.”
The ability to bundle the leading security solutions into a single package that is unparalleled in its markets has produced optimal results for Elevity, the managed IT arm for Gordon Flesch Company of Madison, Wisconsin. According to Paul Hager, director of solutions, Elevity’s superior technical capabilities are combined with a team of strategists, architects and vCIOs who are among the most talented in the industry. That has been validated time and again via positive feedback from its customers in the field.
One of the keys for Elevity is providing guidance to enable their end-user partners to meet cybersecurity regulatory requirements. Having depth in experience from a vertical standpoint ensures the partner can graduate through an often complex process.
“Security compliance is especially important for our manufacturing clients that supply materials to the U.S. Department of Defense,” Hager said. “The new cybersecurity maturity model certification (CMMC) applies to any company manufacturing a component that goes into products made for the DOD. Small- and medium-sized manufacturers don’t have the same resources to throw at becoming compliant that larger companies do, so they turn to us for help. We help them understand what they’re missing and develop a plan to fill in those gaps.”
Getting Ahead of Issues
Taking a proactive approach to the customer’s environment and associated security is a critical differentiator for Les Olson Company, based in Salt Lake City. According to Keith Adams, vice president of IT, many systems are inherently designed to be reactive in nature, logging information that may be referenced for “after the fact” analysis of an event.
The Les Olson Company approach seeks to get in front of events before any significant damage can occur. “We try to focus on the immediacy of these situations and employ tools that can help us address these issues as they occur and provide us every opportunity to intervene before the event becomes something of significance to the customer or our team,” he said. “We also try to ensure that we have an approach that is tailored to the customer’s business goals, industry standards and individual risk tolerance.”
When it comes to the subject of managed IT, security provisions act as a leadoff hitter in any conversation engaged with Impact Networking of Lake Forest, Illinois. The dealer’s package includes mandatory elements such as KnowBe4 for end-user training and next-generation endpoint security, and could also feature Cisco umbrella for DNS protection.
“Two key categories that traditional IT typically does not include are detect and response,” notes Jeff Leder, director of managed IT security services for Impact Networking. “That’s sort of the area where IT operations traditionally end and cybersecurity begins. With the cybersecurity program, the monitoring and toolsets that we deploy, the SOC is able to do things like proactive threat hunting within the user’s environment. That is a full-time job, where they’re monitoring notifications and alerts, and searching for any indicator of compromise or activity that could indicate an attacker has compromised that environment. That’s their entire role within the SOC, to monitor and respond to those sorts of incidents. It’s certainly an extension beyond your traditional IT approach.”
Reminder: Please be sure to submit your 2020 Elite Dealer nomination form before Sept. 13 for the chance to be among the nation’s top dealers honored in the December issue of ENX Magazine!
