Tag Archives: GDPR

 Silver LiningWhen your customers move to cloud apps like Office 365, you need a plan to replace those revenue streams. Backup and cyber-security are in the frame.

The cloud is shaking up the IT services market.

Attracted by low costs, on-demand capacity and off-premise simplicity, businesses - your customers - are switching to cloud apps for everything from office and collaboration software (Office 365, SharePoint) to storage (Dropbox, Box) to sales and marketing (Salesforce) and much else besides.

In fact, by 2018 the typical IT department will have 60% of its apps and platforms residing in off-premise cloud systems, according to cloud research from IDG cited here, and this figure is even higher in smaller businesses with little or no in-house IT expertise.

So, with the move to cloud raining on your traditional IT services parade, is there a silver lining anywhere, and if so how do you cash in on it?

Break out the umbrellas and read on…

Earn revenue securing what cloud apps can’t

Call it a silver lining or call it an open secret, many cloud apps that are in enthusiastic business use across the world are in fact riddled with security issues.

In Office 365, for example, the security built into the application only protects against known malware – which is only about 10% of threats, according to this cloud app security information from Trend Micro.

Plus, 79% of ransomware attacks and over 90% of targeted attacks start with email – which, of course, is a big part of how your customers use cloud-delivered services like Office 365.

Put these two together and you have a recipe for (from your customers’ point of view) a GDPR catastrophe, but (from yours) a cloud that rains security revenues! This enables you to replace other IT services you became unable to deliver when your customers took their tech cloudward.

And the prospects for this market? Well, put it this way, cloud apps aren’t going away, and neither are the threats ranged against them. In fact, both are growing rapidly.

The global cloud apps market is expected to have grown from around £21.8 billion from 2014 to around £47.6 billion by 2019, according to a summary of cloud app market analysis from MarketsandMarkets.com.

Meanwhile, security vendor Malwarebytes reports in this white paper that the UK was the second-most targeted country in Europe for all types of malware in 2017!

So, time is of the essence. Go with a cloud app security solution that is rapid to deploy, requires no software or device changes or email rerouting management, is easy to manage through a centralised console, and comes in flexible licensing models enabling you to sell monthly or annually based on your requirements.

You could be putting a sunny face on your cloud app revenues sooner than you think!

Cloud data backup: stop mythmaking, start moneymaking!

But another critical cloud area you could be winning business in is cloud-to-cloud backup.

(“Huh?” I hear you say. “Isn’t data in cloud apps already backed up to, erm, the cloud? Isn’t that the point?”)

Well, that’s something of a myth. Yes, cloud apps keep backup copies, but this is not a robust or reliable backup and restore facility, simply because the data is purged - completely - after a number of days, never to be seen again.

Take the example of Office 365. Nominally, the data is backed up to Microsoft’s Azure servers – but this data is only available from the recovery folder for around 14 days. What if your customer’s data loss or ransomware infection predates that?

And what happens if data is overwritten or deleted in Salesforce due to user error or malicious insider intent, but not noticed until it’s too late?

These are huge operational and compliance issues for cloud apps users – but a great opportunity for you!

You can now deliver cloud-to-cloud backup services – that is, cloud app data backed up to an additional cloud location – to find, restore and export archived data in minutes, recover data from any point in time at any hierarchical level, and manage it all from a simple, intuitive interface (CloudAlly is a good example).

Best of all, with these solutions your customers benefit from an unlimited data retention period – so they never say goodbye to their data (and as you’re the one facilitating the backup, they might never say goodbye to you either!)

Forget silver – there’s pure gold in them thar clouds!

General data protection regulationGDPR is coming! Here’s what the security channel needs to focus on to create opportunity out of regulatory upheaval.

On 25th May 2018, the EU General Data Protection Regulations (GDPR) become law.

But despite the burden of compliance that this places on the channel, isn’t it also a major opportunity for channel partners to sell more of the solutions that help end-users to address GDPR-related issues?

Here’s what we found when we dug into GDPR, and the opportunities it potentially presents, a little further…

GDPR opportunities – 1: Greater technology freedom?

A noteworthy feature of GDPR is that it does not prescribe specific data protection technologies – like a certain encryption algorithm, for example – and, therefore, does not automatically exclude others.

Instead, it prescribes processes, meaning that partners potentially have greater freedom than before to choose from a palette of vendor solutions that can satisfy those process requirements.

It’s a growth outlook reinforced by the IT industry’s most high-profile membership and training organisation, CompTIA. They have publicly stated to IT channel partners that GDPR means “Clients will be relying on their providers to help them meet regulations, which is a great opportunity to build on your relationships, all while creating new business with current and potential end users.”

So, given that GDPR is seemingly less proscriptive on the technology front than we might have previously assumed, what are the GDPR hot topics to which security partners’ offerings need to provide a compelling (and compliant) response, if they are to make the most of the opportunities at hand?

 GDPR opportunities – 2: Data protection controls

GDPR has serious teeth, but given our background in security software distribution, and from the point of view of security partners’ offerings, we believe it bites hardest around three key internal and three key external threat scenarios, which we’ve paraphrased from this recent research:

(including employee mistakes and malicious insiders)

  • Making lost data valueless if found – in other words, encryption methods that keep data safe if a device with personally or professionally identifiable information on it is lost or stolen.
  • Remote kill and wipe, to easily remove data from lost or stolen devices, or render them unusable, no matter where they are in relation to the user.
  • Data loss prevention (DLP), to control the types and sensitivities of data that users move around or out of the organisation.

(third-parties exploiting the organisation)

  • Locking-down, to control what kind of applications can and can’t run on an endpoint
  • Virtual patching, to stop remote exploitation of unpatched vulnerabilities
  • Breach detection, to flag where a network has been compromised, and thus enable users to block attempted data theft.

Should security partners be quaking at the sound of these snapping jaws? Not a bit of it.

Security solutions are already available that enable partners to deliver many of these GDPR-focused benefits to end-users, from vendors including Trend Micro (in both SMB and Enterprise formats) and others.

Plus, a recent survey of European businesses cited in this Information Age article found that 69% of those polled are not only likely to invest in security technology as a result of GDPR, but to do so in areas including file-sharing. (This hints at a growth in the cloud app-centric security requirement space, into which, as we discussed in an earlier post, at least one vendor already plays strongly.)

GDPR opportunities – 3: The size of the market

But it’s filthy lucre, predictably, that hints most effectively at the pot of GDPR gold at the end of the partner rainbow. And make no mistake, we are talking big money here.

, for example, has predicted that GDPR will create a $3.5 billion market opportunity for security and storage vendors – in which their partners, of course, will share – as the severity of fines drives enterprises to “radically shake up their data protection practices, seeking…new technologies to assist with compliance.”

An additional push factor in the groundswell of GDPR opportunities for security partners also came with the recent comment by the European Commission's Justice Directorate, according to the International Association of Privacy Professionals (IAPP), that companies judged to have invested responsibly in security can, under certain conditions, see any fines for non-compliance reduced.

Security partners, it seems, are likely to become many businesses’ new best friends!

GDPR: What next for security partners?

This piece in ChannelPro perhaps best expresses what partners need to do, as GDPR relentlessly approaches, to turn a disruptive regulation into a profitable business opportunity:

“1. Read up on the changes and ensure they become the trusted expert on the new regulations

  1. Educate their customers about the impact of the EU GDPR
  1. Ensure they’ve got the solutions available to help customers with compliance”

From where we’re standing, point 3 looks to be the least of partners’ worries…