Reality bites: Why should resellers target small businesses for security as a service?

Advice 2010-06-28 14:45
Webroot's Ian Moyse believes customers are gradually exploring the world of security as a

According to the department for Business Innovation and Skills, small businesses with fewer than 500 employees represent 99.9 percent of all employers in the UK. As such, they are a substantial economic driver, and represent great opportunities for forward-thinking resellers who recognise the huge potential of this specific market.

As the emerging concept of ‘security as a service’ continues to mature, we commissioned an independent survey to find out how small businesses perceived web-based threats, and what measures they had put in place to help mitigate them.
Shock findings
Perhaps the most shocking finding in the survey of more than 800 companies was just how far perception departed from reality. Smaller companies in particular understood that web-based threats were a significant concern, but felt that they were adequately protected. However, anonymously-disclosed information about web-based compromises told a different story. Many respondents privately admitted to problems with various types of online attack, including viruses, worms and website compromises.

Over the past few years, the simpler, less-interactive online applications that characterised the web have given way to more sophisticated systems, collectively known as Web 2.0 applications. This software falls into categories such as social networking, instant messaging, collaborative software, wikis, blogs, along with the increasingly popular (and maliciously targeted) Twitter micro-blogging service. We have evidence suggesting that the more Web 2.0 applications an organisation uses, the more likely it is to suffer web-based attacks, with viruses or worms being the number one attack delivered via this route.
Security-as-a-Service
However, Web 2.0 was far from the only challenge facing companies worried about security. Others included unpatched client-side software, browser vulnerabilities, and vulnerabilities in the operating system.  One of the most-cited security concerns was with employees connecting remotely to corporate servers.  A quarter of the companies cited this as a worry, highlighting the challenges faced by organisations pressured to allow employees to work while on the road, or at home. Security-as-a-Service (SaaS) is one way that companies can address the need to protect systems as traditional physical computing boundaries explode.

In the last few years, companies have begun embracing the concept of deploying software solutions ‘in the cloud’.  SaaS can be beneficial as a cost reduction tool, because it strips complexity out of a customer’s organisation. Hardware and operating systems need not be purchased for local operation, which reduces capital expenditure. Operational costs also plummet, because traditional maintenance tasks are eliminated.  In the context of security, as hosted security solutions monitor incoming traffic before they ever hit an organisation's systems, the potential for intrusion and compromise of a customer's networks or IT systems is dramatically reduced.
Outlook
Despite the obvious benefits of SaaS, relatively few small businesses have deployed hosted security solutions thus far. Even though more companies could be considering security as a service deployments, the outlook is still relatively promising for 2010. Of those companies that have not already implemented hosted security services that were planning to, a significant one in three were hoping to do so in 2010, indicating that where it was a consideration at all, it was on the top of the agenda in many cases.
 
The channel should also bear in mind that the potential for SaaS-based deployment to help regulate security budgets in a time of economic recovery should be of particular interest to small businesses, which have been hit relatively hard by the economic downturn.
 
Opportunities
Web-based threats have become unquestionably prominent in the past few years, and the gradual migration of security solutions to the cloud, has made it possible for security companies to gain the upper hand over online attackers. Using cloud technologies to process customers' web traffic also makes it possible to leverage the efficiencies of virtualisation and datacentre consolidation more effectively, giving customers an order of magnitude more computing power for a lower total cost of ownership.
 
Customers are gradually realising these benefits and exploring the world of security as a service, creating the best opportunities for resellers who recognise the growing potential of this maturing concept.

Tags:
Security
Software
Security
SMB
Webroot
Web 2.0

Related Articles

Computerlinks strengthens security portfolio
Tufin and Sourcefire deals announced
McAfee names UK & Ireland VP
Ross Allen extends role to lead new territory
The Rise of the SuperVAD
Exclusive Networks' Barrie Desmond explains the concept of the 'SuperVAD' - and why he thinks resellers should harness its power