Security

Peak‘Apex One’ – it’s difficult to think of a more confident, self-assured name for a new brand!

And it’s a brand on a mission, too – to take the burdensome management out of security. As the Apex One developers put it in their blog, this is about “detecting and blocking as many endpoint threats as possible, without manual intervention.”

This, in turn, translates into less pressure on security teams, lighter workload for security service providers, and less costly time and effort involved overall.

But is this a solution the channel will want to sell? Is it easy and profitable to deploy and manage? And what makes it different from (and better than) what went before?

You can read the full solution brief on our website, but meanwhile here’s our take on it.

Single agent: a game-changer?

Trend’s existing XGen technology already automates threat detection across security layers and endpoints, including PC, Mac and VDI.

But where even the most automated threat detection capability stumbles is the need to use multiple agents to deliver across different kinds of customer deployment – like cloud, on-premise, and hybrid.

Here, Apex One plays a blinder. It has a single agent that is consistent across all customer deployment types, significantly diminishing deployment and ongoing management overheads, and reducing the risk of automation being devalued by interruption.

Given the high proportion of enterprise clients who have complex hybrid environments, this has to be a winner!

Detection and remediation: all done for you!

But security channel partners and in-house security teams alike also need to be sure that what is being automated is the most effective way for dealing with the broadest possible range of threats. Inadequate protection delivered automatically is not a value-add!

Apex One appears to be well ahead of the curve here, however, because it focuses its automation not on preventing threats (an impossible aim), but instead on detecting and removing them.

Unknown or fileless threat? Machine learning and behavioural analysis will spot its threatening characteristics and take action.

Operating system vulnerability? Apex One creates its own virtual patches to prevent zero-day exploits from making it onto any endpoint.

And if you’re hearing echoes of EDR (Endpoint Detection and Response) at this point, it’s true that Apex One offers upsell potential into both Trend’s full EDR and MDR (Managed Detection and Response) solutions - but it’s also important to understand that what Trend have built here is in fact something quite distinct.

Whereas EDR tends fundamentally be a noisy and manual process to manage (as we explained in this earlier post) automated detection and response - which is what Trend call it - neatly does much of it for you.

Manage, visualise, investigate – all in one place

The more you can understand about a threat, the more effective the measures you can take against it.

But the challenge is in corralling all the threat information – including user-based visibility, policy management, and log aggregation - into one place, in a way that makes sense of it.

Apex One has created a centralised console that enables exactly this, so although for some more detailed analysis a connection to an optional EDR dashboard is necessary, visualisation, investigation and reporting are already built into its standard configuration, adding an inbuilt layer of insight that other solutions don’t have.

Conclusions: is Apex One the peak of security for channel partners?

Everyone likes a great name and a strong story, and Apex One has got both in spades – not least because it is in fact essentially the new brand name for the existing Trend endpoint security solution within its Smart Protection Suites solutions family.

But this is not some kind of rebadging exercise to revive a flagging solution – because Trend’s endpoint solution isn’t flagging. Just the opposite, in fact: it has received high praise from industry analysts like Gartner year after year, including in 2018.

But coupling it with a single agent shows that there’s a strategic endgame in mind: to make Trend’s endpoint security solutions as effortless as possible to use across every client environment – and therefore very hard to displace.

For end-clients and channel partners alike – and particularly existing Trend Micro Office Scan users, who will receive Apex One as a regular update at no additional cost - that’s a rebrand that will deliver far more than just a new name and a shiny logo.

Lock Hottest SecurityWhich security trends are hottest, as seen by resellers and service providers themselves? As the sun blazed, we asked our network to pick some shining examples.

What’s hot and what’s not? In the recent heat, it seems like the answer has been “everything” and “nothing” respectively!

So, as the air-con went into overdrive, we decided to cool down with a quick summer straw poll of some of our resellers, MSPs, staff and consultants on what they believe to be the security trends of the season.

“Layered security is smokin’!”

This is how one partner responded, and his opinion is echoed by commentators in the industry media.

This CSO Online article, for example, urges businesses to “create multiple layers of security in order to address a wide variety of security concerns.”

IT ProPortal, for its part, includes in its predictions for IT changes in 2018 “the urgent need for continuous visibility and layered security…”.

The reason layered security is moving rapidly up the temperature gauge is because it’s being driven by unstoppable usage that puts many day-to-day IT processes outside the traditional security perimeter (cloud applications, home and mobile working, the use of often unauthorised personal devices, etc.)

So, there now has to be dedicated defences and threat analysis at the level of each IT layer - including web gateway, endpoints, email, applications, and more.

It’s worth mentioning that within this layered security space, we’ve seen a pronounced emphasis on the Endpoint Detection and Response (EDR) element recently.

Bitdefender alone has launched two new endpoint protection platform solutions for resellers that feature EDR components (GravityZone Ultra Suite and GravityZone Elite), with MSP variants (GravityZone EDR and GravityZone ATS) also available.

Machine learning: red-hot and very cool

As a human, when it’s hot, the last thing you need is large volumes of unnecessarily repeated activity.

Yet this is how many security solutions have typically functioned.

Got multiple layers you need to secure? Then investigate the threats to each one in isolation, using a layer-specific security solution, every time.

Want Endpoint Detection and Response? Then manually sift through a constant tidal wave of alerts and false positives.

None of this is fun, which is why machine learning scored so highly as a hot topic in our poll. It introduces intelligence that simply makes security easier, and that’s cool.

Take the example of a threat or malware variant that can target multiple layers simultaneously. What machine learning makes possible is the sharing of security information across those layers, so that the characteristics of attacks that move between layers can be spotted early on, in one single, efficient process across the entire business or enterprise (Trend Micro’s Smart Protection Suites – SPS - are a great example).

Machine learning has revolutionised EDR, too, enabling it to neutralise even unknown threats at pre-execution stage (Bitdefender again). This vastly reduces the traditionally ‘noisy’ levels of alerts, essentially making EDR usable at long last!

Protecting data: an incendiary topic!

GDPR has made many businesses’ blood boil in recent times, so it’s not surprising that our poll respondents thought this topic to be an on-trend firestarter on many fronts!

Smouldering amongst the responses were how to protect data in email, how to stop sensitive data exiting an organisation, how to get data back when it’s been hacked or held hostage by ransomware, and how poor patching affects data security.

Perhaps the greatest issue of all, at least as seen by some of our contacts, is that no one security vendor appears to have an all-encompassing data compliance offering.

However, there are some interesting and effective solutions now available, as we recently explained in our GDPR Knowledge Brief series.

Ease of management: a burning priority for MSPs

Finally, when it comes to business performance, the heat is always on – which is why many of our MSP respondents wanted to raise the issue of how easy (or otherwise) it is to actually manage security solutions as a service.

From where we’re sitting, the trend here is encouraging. Security vendors are increasingly offering a ‘single pane of glass’ approach, in which their security services can all be managed, and in some cases deployed, from one centralised management console.

For service providers, this means less management and admin time needed, and therefore keener margins, as well as better quality of service delivery and, ultimately, higher customer satisfaction levels.

This article explains more, and draws the conclusion that “A unified platform that can manage all enterprise endpoints – virtual or physical – should be more than just ‘nice to have,’ but an actual ‘must have.’

Plenty there, then, to stoke up a real security debate, whatever the weather!

But if you don’t agree with any of it, don’t get all hot under the collar – just get in touch and talk to us about it.

(We’re a pretty chilled bunch here…)

 Silver LiningWhen your customers move to cloud apps like Office 365, you need a plan to replace those revenue streams. Backup and cyber-security are in the frame.

The cloud is shaking up the IT services market.

Attracted by low costs, on-demand capacity and off-premise simplicity, businesses - your customers - are switching to cloud apps for everything from office and collaboration software (Office 365, SharePoint) to storage (Dropbox, Box) to sales and marketing (Salesforce) and much else besides.

In fact, by 2018 the typical IT department will have 60% of its apps and platforms residing in off-premise cloud systems, according to cloud research from IDG cited here, and this figure is even higher in smaller businesses with little or no in-house IT expertise.

So, with the move to cloud raining on your traditional IT services parade, is there a silver lining anywhere, and if so how do you cash in on it?

Break out the umbrellas and read on…

Earn revenue securing what cloud apps can’t

Call it a silver lining or call it an open secret, many cloud apps that are in enthusiastic business use across the world are in fact riddled with security issues.

In Office 365, for example, the security built into the application only protects against known malware – which is only about 10% of threats, according to this cloud app security information from Trend Micro.

Plus, 79% of ransomware attacks and over 90% of targeted attacks start with email – which, of course, is a big part of how your customers use cloud-delivered services like Office 365.

Put these two together and you have a recipe for (from your customers’ point of view) a GDPR catastrophe, but (from yours) a cloud that rains security revenues! This enables you to replace other IT services you became unable to deliver when your customers took their tech cloudward.

And the prospects for this market? Well, put it this way, cloud apps aren’t going away, and neither are the threats ranged against them. In fact, both are growing rapidly.

The global cloud apps market is expected to have grown from around £21.8 billion from 2014 to around £47.6 billion by 2019, according to a summary of cloud app market analysis from MarketsandMarkets.com.

Meanwhile, security vendor Malwarebytes reports in this white paper that the UK was the second-most targeted country in Europe for all types of malware in 2017!

So, time is of the essence. Go with a cloud app security solution that is rapid to deploy, requires no software or device changes or email rerouting management, is easy to manage through a centralised console, and comes in flexible licensing models enabling you to sell monthly or annually based on your requirements.

You could be putting a sunny face on your cloud app revenues sooner than you think!

Cloud data backup: stop mythmaking, start moneymaking!

But another critical cloud area you could be winning business in is cloud-to-cloud backup.

(“Huh?” I hear you say. “Isn’t data in cloud apps already backed up to, erm, the cloud? Isn’t that the point?”)

Well, that’s something of a myth. Yes, cloud apps keep backup copies, but this is not a robust or reliable backup and restore facility, simply because the data is purged - completely - after a number of days, never to be seen again.

Take the example of Office 365. Nominally, the data is backed up to Microsoft’s Azure servers – but this data is only available from the recovery folder for around 14 days. What if your customer’s data loss or ransomware infection predates that?

And what happens if data is overwritten or deleted in Salesforce due to user error or malicious insider intent, but not noticed until it’s too late?

These are huge operational and compliance issues for cloud apps users – but a great opportunity for you!

You can now deliver cloud-to-cloud backup services – that is, cloud app data backed up to an additional cloud location – to find, restore and export archived data in minutes, recover data from any point in time at any hierarchical level, and manage it all from a simple, intuitive interface (CloudAlly is a good example).

Best of all, with these solutions your customers benefit from an unlimited data retention period – so they never say goodbye to their data (and as you’re the one facilitating the backup, they might never say goodbye to you either!)

Forget silver – there’s pure gold in them thar clouds!

PatchingPatching is critical in defending your customers against vulnerabilities in everyday applications. It can now be automated from within security software, making it easier than ever to manage.

Think of all those vulnerable third-party applications your customers’ businesses basically run on. Can you rely on your humans to keep their patches up to date?

According to those involved in the recent Equifax debacle, for example, no! Break the human protocol, and the whole patching process falls apart. That’s terrifying when it’s been estimated that, overall, software exploits that target unpatched vulnerabilities account for 85% of all attack angles!

So, automating the patching process seems like a great idea, taking the cost, effort, disjointedness and sheer human fallibility out of keeping users protected against one of the most insidious forms of cyber-attack.

And, indeed, system management software (like the RMM solutions explored in this post) have arguably been doing this for a long time.

But wouldn’t it be neater, easier - and even cheaper – if this automated patching capability were simply built into the security software itself, rather than relying on an extraneous monitoring system? After all, we’re constantly being told patching is security!

Well, two vendors have listened.

Patching done the hard way

But before we look at what Heimdal Security and Bitdefender are offering , (for they are the vendors in question), let’s contemplate just a few of the manual patching challenges faced by end-user businesses and their security partners every day:

  • Slowcoaching – As the Equifax issue shows, being slow off the mark to patch a vulnerability sharply increases the likelihood of falling victim to it, but timeliness is a difficult thing to sustain when workloads are heavy.
  • Proliferation – By definition, the applications requiring patching tend to be big-name office and productivity solutions, so they are not only highly ubiquitous but also available in many different versions (including legacy products). Managing these kind of complex patching scenarios manually can create a massive drain on resources or – worse – a helpdesk meltdown!
  • Patch provenance – Obtaining patches from third-party websites is widespread practice, but does anybody seriously check the hashing of the patch with the hashing on the vendor’s website to make sure they’re downloading exactly what they think they are? Hmmm.
  • System workloads – Downloading and installing patches across large user populations can negatively impact core system workloads, ultimately resulting in disruption and loss of productivity
  • Cost – Every manual process involved in managing or deploying a patch burns through expensive admin and management minutes. Manual patching, though critical, eats readily into margins.

Now let’s consider the alternative.

Automatic patching = business as usual

Between them, what Heimdal and Bitdefender have done is to turn pesky patching (reactive, unpredictable, requiring extraordinary resource) into everyday ‘business as usual’ practice.– simply by automating it.

At a stroke, they have shifted third-party application security into the security layer (where it rightfully belongs), but in a way that it is easy (dare we say profitable?) to manage.

Here’s a snapshot of what this delivers:

  • Automatic patching of apps including Microsoft, Acrobat, Java, Flash and many more, with zero setup - and scheduling also possible.
  • Constant, instant protection – Heimdal checks for patches and updates every two hours and applies them from the moment they’re available
  • Non-disruptive operation – The update process happens ‘silently’ in the background whilst users carry on their work; Bitdefender also makes clever use of cacheing to maximise bandwidth and optimise performance.
  • Trustworthy patches – Updates are guaranteed authentic by automatic checking of the hash patterns against the vendors’ sites
  • Flexible legacy deployments – Updates can be set up to apply to specific software versions, enabling full coverage or legacy-specific deployments

Needless to say, none of this requires the additional cost of an RMM solution, either, but the financial benefits don’t stop there. The Heimdal solution, for example, is available with monthly aggregated billing, so upfront costs are zero and average margin rises with every additional seat.

(Bitdefender are currently pursuing a reseller model with perpetual upfront licensing, but an MSP variant is expected… watch this space!)

Human error: a thing of the patching past?

It’s tempting to see a miracle cure-all in solutions of this kind, but it pays to be appropriately cautious about their market viability.

Security partners can rely on their own product testing, of course – and they certainly should invest time and effort in this.

But the reality is that a security distributor with extensive experience of evaluating hundreds of solutions for sale using their own in-house technical experts is probably a more reliable source for determining the next rising star or the next puff of vapourware.

We like what we see. You should take a look too.

MSP programJoining an MSP program can work wonders with channel partners’ balance sheets, as our friends at Trend Micro explain in this blog!

We’re always keen to share compelling insight from our vendor partners, and Trend Micro have nailed it with their blog Five reasons you need to join an MSP program….today!

 So with thanks to the guys at Trend, we’ve condensed it below. (And if you like what you see, come and talk to us about the MSP solutions we offer!)

Five reasons you need to join an MSP program… today!

1. Better margins

It is not uncommon for our partners to earn in excess of 100% profit margin on the security solutions they are providing to their customers as part of their managed service agreements, which is probably a much higher percentage than what you are earning now if you are just buying annual licenses when your customers’ licenses expire.

Let me explain how in two words: aggregate pricing. Put simply, MSP programs typically offer pricing on an aggregate seat count basis, which means that you are paying for licenses based on the total number of clients you currently manage. This can be a significant difference as business grows and you move in to cheaper and cheaper seat bands. To figure out just how much margin you are missing out on ask your vendor how much it costs per seat in the lowest price band (typically five to 25 seats) vs. the cost per seat in the price band that represents your entire customer base. That number is the extra margin you are missing out on.

2. Predictable revenue stream

Compared to the feast-or-famine nature of revenue in a break-fix business model, predictability is one of the primary benefits of being a managed service provider. Joining an MSP program helps you further streamline and predict both the revenue from your customers, as well as your service delivery costs.

This one is a bit of a twofer since you can more easily calculate revenue projections and do forecasting into the future. You can also calculate cost projections and get a much better understanding of the health and future growth potential of your business. The icing on the cake is that the value of your business increases as well as your revenue streams–a critical component of your exit strategy.

3. Multiple recurring revenue streams

The great thing about being an MSP is that you are forced to heavily focus on automation and repeatability since controlling costs directly impacts your bottom line. Once you’ve joined an MSP program, you will generally have the ability to create multiple recurring revenue streams if they have a broad product portfolio. Once you have created processes and trained your staff around the tools provided as part of the MSP program it’s very easy to “turn on” any additional products your vendor may offer across your entire customer base. This can be done in a very efficient and cost-effective manner, with each of these products representing an additional recurring revenue stream and more profit.

4. Moving from CapEx to OpEx

There may be some tax and accounting benefits to joining an MSP program and moving from purchasing annual licenses upfront for your customers to paying for licenses monthly or quarterly — or moving from CapEx to OpEx. The main benefit is the ability to recognize deductions completely in the current period vs. recognizing them over the useful life of an asset (that is, if you buy a three-year license and deduct it over those three years).

Disclaimer: We are a cybersecurity company, not tax experts. Therefore, we highly recommend discussing this with your accountant or tax professional to weigh the pros and cons and how it may affect your business specifically.

5. Elimination of renewals

Lastly, a good MSP program will give you complete control over license management and provisioning from a self-service portal. This allows you not only to provision licenses when you need them (think evening or weekend deployment when you forgot to place an order three days in advance), but also to eliminate all the hassles, complexity and costs associated with renewals. In essence, since you have complete control over the licenses, an expiration date is no longer necessary–you can simply cancel the license when you need to.

If you’ve never figured out what it costs you to track disparate expiration dates across your entire customer base for every product, to request quotes from your vendors, to create invoices for your customers, to follow-up on payments from your customers, and to submit payments to your vendors just to renew a product, then you probably should! Most partners we  meet who go through this exercise are shocked to find out they often lose money on smaller customers because they did not factor the costs of renewing into their pricing or business model.

Although there are so many more reasons to join an MSP program as soon as possible, these are our top five reasons you should be seriously considering becoming part of one…

Blue Solutions is a specialist security software distributor with many years’ experience in helping partners take their MSP security proposition to market. To talk to us about our range of MSP security solutions, get in touch.

Cloud SecurityCloud security is often as nebulous a term as the word ‘cloud’ suggests! We look into its various meanings and identify where it can add value to channel partners’ propositions.

Cloud security is one of those terms that has morphed rapidly to mean several different things in a very short time. Result? Confusion, more often than not.

Are we talking about security solutions delivered to users from the cloud? Or security around applications that live in the cloud (like Office 365)? Or security that’s targeted at businesses that make use of public cloud services like AWS?

You see the challenge. But actually, each of these is a valid scenario and a saleable cloud security solution. Here’s more info.

1. Security services delivered from the cloud

Your SME customer has few or no IT specialists in the organisation, no money to hire them, and nowhere to store servers. Where do they turn?

To the cloud, of course. Security products are delivered to them via the internet, as a service.

They can typically choose to pay only for what they use, on a monthly ‘rental’ (managed service, or MSP) model, so there are no prohibitive upfront costs.

Their security partner (you!) monitors their networks from a centralised console, makes technical adjustments, and implements patches and upgrades, but the user can retain some control over their security settings if they wish.

But what kind of security solutions can be delivered in this way? Many.

Hosted email security, for example, works with most hosted and on-premise email systems to protect what is stilll the primary route into organisations for most forms of malware and spam.

More comprehensive business security services solutions and cloud security solutions designed specifically for MSPs provide wider protection to end-users, and also enable partners to sell into organisations who have some on-premise systems, but don’t wish to overburden them by adding security software into them.

In this scenario, end-users can run everything else on-premise, but get their security from the cloud!

2. Security for applications that live in the cloud

Solutions like Office 365 have revolutionised office processes, with powerful tools delivered to end-users’ desktops straight from the cloud.

But although the delivery mechanisms for these applications are secure, the content delivered by the applications can still contain threats that the application’s own in-built security can’t detect, as we explored in this cloud apps post a while ago.

Plugging these holes is still a big opportunity for resellers and other security channel partners – and the cloud app security solutions that can help them deliver this critical service are already ‘out there’.

3. Security for public cloud services

SaaS, IaaS, PaaS – businesses’ ability to build their entire proposition on a public cloud provider is no longer the preserve of large enterprises.

In fact, Forbes has ascribed the growth of AWS, for example, to their “Reaching out to all kinds of customers – startups, SMEs and big companies”.

It is this that has driven, in turn, a new kind of security need amongst end-users, as we explained not so long ago in this post - namely, the ability to spin up an AWS virtual server and know that server will immediately be protected by security software that has been specifically designed from the ground up for virtual environments.

We had a bit of fun defining these virtualised must-haves in this security opinion paper recently, but the message is deadly serious: if end-users are building a business on public cloud, and relying on virtual servers, security partners need to be able to reassure them that they can secure it!

Cloud security – evolving meanings, evolving opportunities

As the cloud billows ever more energetically within businesses’ operations, it drives the security agenda in many different directions at once. Cloud security is coming at us from many different angles, and is morphing into multiple meanings.

It’s a wise security partner who has got a handle on them all – and knows the security solutions that play strongest to each definition.

vaccineOrganisations in Europe and the US have been crippled by a ransomware attack known as ‘Petya’. There are claims of a ‘vaccine’ to stop it – but how credible are they?

Hot on the heels of WannaCry comes Petya – a nasty ransomware variant, based on the Goldeneye code.

It has already locked some of the world’s most prominent enterprises out of their data, including construction materials company Saint-Gobain, food giant Mondelez, legal firm DLA Piper, and advertising firm WPP.

But lo! There is a ‘vaccine’ that protects against it, apparently! Simply include the file C:\Windows\perfc.dat on the PC, and the ransomware is stopped in its tracks.

(Well, it’s stopped in its tracks on that machine – though it can still propagate to other machines on the network. So still not ideal.)

We took a look at what some security vendors are saying about Petya / Goldeneye – and whether the idea of a ‘vaccine’ is truly credible.

Bitdefender: ransomware vaccine is old news

The first thing that struck us is that security vendor Bitdefender has had a ransomware vaccine available for some time now, and it’s not just a quick fix using a read-only file.

Instead, it’s rather cleverer than that. It tricks ransomware into believing the machine is already infected, and so the attack goes looking elsewhere. In addition, it can be deployed to every machine on a network simply by ticking a box – meaning that one machine can’t pass the infection to another.

There’s little information at present, admittedly, as to whether this vaccine is effective specifically against the Petya /Goldeneye attack.

However, it has been stated publicly in the Bitdefender Resource Center that “Bitdefender blocks the currently known samples of the new GoldenEye variant. If you are running a Bitdefender security solution for consumer or business, your computers are not in danger.”

That’s pretty unequivocal. And what’s particularly interesting with this vendor is that the ransomware vaccine is standalone – businesses don’t need to have invested in Bitdefender’s suite of other security solutions to use it.

Trend Micro: decrypt it if you can’t stop it

Trend Micro has an established stable of solutions that provide layered protection against a whole range of threats, including ransomware, so they’d surely argue that a ransomware vaccine is unnecessary!

However, what they do also offer is decryptor tools that enable users to recover data even after their files have been encrypted by certain variants of ransomware.

Again, whether these solutions are effective against the most recent Petya / Goldeneye attack is not clear, although Trend Micro states here that it is “in the process of adding known variant and component detections” for Petya-related patterns “and all products that utilise them.”

So, more antidote than vaccine – but it’s worth noting that these decryption tools are free, so they could be a lifesaver (and pave the way to more proactive anti-ransomware strategies and product choices in the future).

Malwarebytes: no ransomware vaccine, but you're safe

Malwarebytes, for its part, has been less than confident about the ability of the C:\Windows\perfc.dat vaccine to stop the Petya infection – in fact, the company states that “our own tests have shown that in many cases, it doesn’t.”

Whilst Windows 10 systems, Malwarebytes says, “seem to have a fighting chance” by using this method, “Windows 7 gets infected every time.”

However, Malwarebytes also publicly says that customers using Malwarebytes Endpoint Security are protected against this specific ransomware variant – so, once again, a vaccine is – theoretically, at least – unnecessary.

Ransomware: vaccines, protection, remediation

For more of our thoughts on ransomware and what security vendors are doing to fight against it, check out our previous post here.

And remember – prevention is better than cure, so keep patching!

Read the latest helpful updates on ransomware and cloud security from our industry partners and contacts.

We like to put our partner and media contacts to good use in helping you and your customers to understand the security landscape.

This month, we bring you three helpful new updates – two guides to ransomware (and how to defeat it) and the other an interesting short article from Cloudworks on the benefits of cloud security for small and medium businesses.

Business guide to ransomware

New from AppRiver, this guide is subtitled ‘Understand, Analyze and Protect’, and is a very readable resource covering what ransomware is, how it works, how it spreads, and the best practices and employee training that can help defend against it.

Ransomware: Malwarebytes bytes back!

Another take on ransomware and how to combat it comes from security experts Malwarebytes, who major on the importance of endpoint security (keeping PCs and devices protected) in this informative and short PDF.

Five reasons why cloud security is important for SMEs

Big servers, large infrastructure, lots of IT staff – these are all security components that SMEs just can’t afford! This is why they must look cloudward – and this article from Cloudworks describes the benefits of cloud security neatly.

We’ll be back with more helpful advice soon!

Email SecuritySpam, phishing, malware – these are just some of the hazards email can carry. We’ll see more of them in 2017, so what kind of security solutions can counter them?

Following on from our recent post about business continuity solutions, another topic worth following in 2017 is email security.

So just how important is it?

Well, according to email research from the Radicati Group, the number of business emails sent and received per day in 2017 will number 120.4 billion. By 2019, it will be nearer 129 billion.

And this unrelenting growth is one of the factors driving a huge increase in email-borne cyber-threats. In fact, in the first quarter of 2016 alone, according to this piece in Infosecurity Magazine, there was an 800% increase in email-borne threats over the previous year!

What, then, should you be looking out for to protect your business (or your customers’ businesses, if you’re a security reseller or service provider) against this onslaught?

Choosing email security

We’ve identified some specific features that we believe are critical to effective email security in 2017’s threat-laden world.

1. Ease of use for SMEs

The latest Government Security Breaches Survey found that SMEs are now being pinpointed by digital attackers, according to this piece in The Guardian.

But SMEs also include many businesses that have little or no in-house IT or security expertise  - so complex on-premise email security just won’t work for them.

Instead, look out for cloud-delivered, as-a-service solutions that major on ease of use (that means, amongst other things, no-maintenance deployment, with 24 x 7 updates, patches and hot-fixes delivered automatically by the vendor).

This kind of solution has the added benefit that it can filter email inline and scan it prior to it reaching the recipient, so threats are intercepted before they touch the business’s network.

Nothing to remediate, no spam to archive, nothing to clean up – good news for resource-starved small businesses.

2. Email clients – cloud’s a must!

Smaller businesses in particular are also turning to hosted email clients like Office 365 and Google Apps, with research showing that nearly two-thirds of small business owners already have an average of three cloud solutions in place.

Combine this with the knowledge that Office 365 has known issues with its ability to detect insecure document content, though, and it’s not enough to just go with a cloud-based email security solution. You also need to choose one that is good at dealing with cloud-based email client vulnerabilities.

Get the last bit wrong and you’re still behind the SME security curve.

3. Threat coverage and awareness

Spam, malware, spyware, phishing and inappropriate content are all known risks that must of course be protected against.

But the underlying question is how the solution’s knowledge of the threat landscape evolves, since it is this process that ultimately protects users against emerging threats like zero-day exploits.

Big data and machine learning algorithms are the key features to look for in this respect, but many vendors are now jumping on this bandwagon, so look at the hard numbers to sort the aspirational from the credible.

Take Trend Micro’s Hosted Email Security (HES) as just one example: over 50 billion website URLs, email sources, and files scanned, correlated, and filtered, with over 7 terabytes of new threat data processed - daily.

That leaves little doubt (and the latest features in Trend Micro HES make convincing reading, too).

4. GDPR compliance

GDPR is never far away from our discussions thesedays, and any cloud-delivered service is now under the microscope with regard to how it protects the privacy of the data that it holds.

Look for a solution backed by data centres that have reached the most stringent privacy certifications - in Europe, these are generally considered to be ISO 9001, ISO 27001, OHSAS18001 (LHR1) and SAS 70 Type II.

5. Ease of partner management

For security partners, there is an added dimension to a choice of security solution: the ease with which they can manage it!

Solutions that are difficult to provision and manage burn through administration resource and gnaw at margins – making them potentially unprofitable.

Look instead for a single security dashboard across all customers, that also works with industry-standard platforms like Autotask, ConnectWise and Kaseya.

This will enable you, for example, to automate monthly usage and reporting management, proactively analyse emerging security threats, and provision new solutions and services more rapidly – without signing into and logging out of multiple systems and tools.

Email security in 2017 – as-a-service solutions to a growing challenge

As long as businesses keep sending and receiving emails, the bad guys will keep using them to try and attack the soft underbelly of businesses.

But to do that, the emails have to get there in the first place – and if they’re getting caught by security in the cloud first, they won’t.

Definitely one to watch for 2017.

DeployManaging licensing processes can bite deep into security MSPs’ margins. But one vendor seems to make it a lot easier. We investigate…

If you’re a managed security service provider, you’ve got an awful lot on your plate when it comes to licensing.

Try to manage it all using different tools and you’ll rapidly flay the flesh from your profitability – and probably send your customer satisfaction levels plummeting, too.

Logically, the solution is to somehow combine all the licensing functions in one place, making them both accessible and easy to use. But is any security vendor actually offering this? And if so, does it really deliver on the promise?

For our money, the answers to these questions are “yes, Trend Micro” and “yes, here’s how”, respectively.

Licensing Management Portal (LMP) – cross-product pain relief

The first thing that is striking about Trend Micro’s Licensing Management Portal (LMP) is that, in contrast to some other so-called “single pane of glass” management tools, it isn’t just available for a core technology that so far only underpins one or two finished products.

Instead, it has already evolved to the point where it is common to pretty much the entire Trend Micro product portfolio

So it makes it possible for MSPs to centrally manage, from a single sign-on system, multiple instances of both “point” solutions like Cloud Application Security (a topic we discuss further in this post), and more comprehensive solutions like the Worry-Free Business Security range.

Let’s not gloss over the pain that this alleviates. It eliminates wait time associated with ordering licences, because LMP is available 24 x 7 x 365. It automates the tracking of renewals and expirations. And it eliminates the complexity and cash-flow risk associated with manual billing.

Remote Manager
LMP, Remote Manager, CLP – a powerful triumvirate of solutions that drastically reduce the costly burden of creating, provisioning, managing and billing MSP licences. More on CLP below. (Click to enlarge)

LMP + Remote Manager = automation

This capability stems in part from the fact that LMP also contains within it Trend Micro’s Remote Manager.

This radically streamlines many of the licensing management processes by plugging them into industry-standard RMM and PSA solutions like Autotask, ConnectWise, Kaseya and LabTech.

So, you no longer have to manually drive your billing process, for example. Instead, LMP can use ConnectWise to auto-issue invoices and create end-to-end billing the moment a new endpoint or device is deployed.

Likewise, there’s a lot less juggling of multiple processes in order to set customers up. LMP syncs with LabTech, so you can map customers from LMP to customers in your LabTech solution, and then, within the latter, just “point and shoot” to deploy, issue licences etc. No jumping around between applications!

LMP and LabTech sync
No jumping around between applications – LMP and LabTech sync, so that deploying and issuing licences to your customers is as simple as a mouse click. (Click to enlarge)

Service plans the way you and your customers want them

Whilst we’re on the point of service plans, it’s worth mentioning that LMP has rewritten the rulebook somewhat in this respect too, offering real flexibility.

You can activate licences into live services in any number of formats – monthly, yearly, quarterly, on receipt of PO – and you can schedule in additional features so that they don’t have to be managed manually.

For example, a new customer that has committed to your services for two years initially, but whose contract needs to revert to a monthly rolling arrangement after this initial period, can have a service plan created in LMP that will deliver this arrangement – automatically.

From where we’re sitting, it’s probably the only example of a service plan mechanism that combines customer-friendly flexibility and features with management tools that don’t place an unsustainable drain on your resources!

Powerful but flexible reporting

Of course, if you can’t easily see what’s billable, automated provisioning and service plans won’t stay viable for very long!

Here, too, LMP shines. Not only is the reporting itself automated, it provides up-to-date detail of everything that has been in any way consumed by the end-user, ensuring that consumption and billing are always in step with each other.

At the same time, the automation allows a window of manual adjustment to cope with cancellations, error correction, atypical deployment scenarios, and other exceptions.

In essence, LMP has enough automation to make the majority of billing scenarios far easier – and far more economical – to manage.

CLP: Convenience for the end-user

But what’s really innovative in LMP, in our view, is that it enables the end-user to manage some of their own licensing, giving them the convenience of direct control, whilst also (let’s be candid) fattening your margins by reducing your workload!

This is because LMP contains a Customer Licensing Portal (CLP), which enables customers to manage licence keys for selected parts of their security estate, based on role. That partial autonomy and flexibility works for them, which makes you look good.

But the fact that the CLP can also carry your own branding will do your business profile no harm at all, either!

“Nobody does it better”, goes the old song. And at the moment, our Trend Micro team seems to be singing it around the office quite a lot. Funny, that.