Technology

It’s that time of year when the industry pauses and reflects on what trends have emerged, what new technologies have arrived on the scene, and how business models have evolved. In the spirit of the season, here are three areas that I see continuing to positively impact the IT channel in 2016:

1. Optimism surrounding future of the IT channel and managed services will remain high.

CompTIA’s 5th Annual State of the Channel report, released in October 2015, found that 66 percent of those surveyed were “generally optimistic” about the future of the IT channel. Respondents cited new opportunities presented by cloud computing; robust customer demand for managed services; the continued desire for the IT channel to have “trusted advisor” status; and the broader use of IT by all types of end users.

Based on these findings, I believe that in the coming year the channel will continue to increase its relevance for IT organizations of all sizes. I also believe that IT solution providers will be able to further enhance their ability to drive revenues and sustain their businesses by specializing in technologies such as cloud computing or security, or vertical markets including financial services, healthcare, and the public sector.

2. Vendor consolidation will continue.

To remain competitive in an increasingly crowded marketplace, vendors often look to consolidation, which is currently driving a high level of M&A activity throughout the technology industry, as evidenced by the Dell-EMC announcement earlier this year of a planned merger. The fact is, where an IT solution provider’s portfolio is concerned, less is always more. I would encourage solution providers to continually evaluate their vendor portfolios, especially in light of increasing vendor consolidation. This will help to ensure that they are representing best-of-breed solutions that are both solving their clients’ business challenges and providing them with the opportunity to leverage synergies between their vendor partners to grow their businesses.

3. There will be greater emphasis on protecting data, applications and infrastructure, regardless of location.

Countless high-profile data breaches have kept security top-of-mind for consumers and businesses alike. With an increasing number of organizations relying on the cloud to support their everyday business operations, greater emphasis will continue to be placed on protecting critical data, applications and infrastructure, regardless of whether they’re in the cloud or on-premise. Two areas of data protection that solution providers need to be aware of are:

As a services provider, you face a number of evolving challenges heading into 2015. Customer demands and expectations, such as constant uptime and flawless connections, haven’t gone down in the slightest, even as cyberattacks and overall security concerns reach a fever pitch. Your customers can’t afford even a second of a downtime in the digital economy, and the slightest latency extension or shortest outage can devastate their business for some time. Provider-driven security has become an expectation. As such, you need to integrate distributed denial-of-service (DDoS) protection and network monitoring tools into your solution portfolio immediately. These are no longer luxuries for you or your customers.

The evolving role of security as a function of service providers is an opportunity for you to differentiate yourself from the competition. Delivering a higher level of security, insight and transparency to aid customers makes it clear your company is committed to the long-term health and success of customers. The key for service providers now becomes identifying the right security partners to offer the breadth and brand of security most likely to appeal to your customers while fitting into your mold for the ideal partner.

MSPs Must Identify The Best Partner For Them

Your customers already expect assurance. But they also need performance from the security platforms built into your portfolio. They need the intelligence and analytics of modern security tools with the added capability of expanded performance visibility. The challenges presented by cyber criminals in 2015 demand DDoS protection providers that get in front of attacks to block them and eliminate malicious traffic before end users deal with any problems. With a properly protected network, customers get the availability they need, so their end users receive the predictable and exceptional service they expected. The right DDoS partner will also help your customers reduce bandwidth consumption and enable global monitoring to leverage analytics that improve preventative security measures.

A security partner’s delivery model is equally significant. It must be flexible enough to fit into your portfolio as needed. In some circumstances, this will mean a private model for those who prefer a purpose built, on-premises infrastructure deployed at the edge of a network. It can also call for a cloud option for quick deployment and limited capital expenditure. No matter the preferred model — on-premises, cloud or, even, hybrid — both the DDoS provider and services provider need to understand the activities end users run on their networks to deliver the right service and make necessary adjustments along the way. The right partner will provide a platform that fits into your stack and can evolve to your end users’ needs.

Even further, though, is power. Modern attacks come in greater frequency and numbers. Cybersecurity partners need to maintain global scrubbing centers capable of dealing with the largest attacks. Moreover, DDoS vendors in 2016 have to be able to do more. The threat matrix is multifaceted, so the defenses must be, as well. Your customers and their end users need cloud-based Web application firewalls and the ability to prepare for additional incursions.

Making A Partnership Work For All Parties

Better performance of your solution stack takes the right partner. Identifying the right company to work with means finding a vendor whose technology complements yours. However, there’s a similarly significant need for any partner to deliver real value to your business to encourage short- and long-term success. Here is a list of questions to ask to ensure you enter into relationships that work for everyone: you, your partners, and your customers.

1. Are there up-front costs associated? The offering should be able to be delivered under your own brand as a value to your customers.


2. What is the revenue-sharing model the partner is offering? The true partner believes in the mutual opportunity of the partnership.


3. What is the speed to service? Customer satisfaction and operational efficiency are measured in minutes, not hours or days.


4. What industry track record and service reputation does the partner actually add to this partnership? Remember that even in the most challenging and complex attack scenario, your partner will be carrying your name and your reputation with them.


5. How flexible are the delivery models — on-premises, hybrid or cloud — that are offered? Is there the potential for costly customizations just to suit your specific business needs?


6. What are the numbers? Is your partner sharing exact numbers of in-place, purpose-built capabilities and capacities? Are there numbers around latency and availability?

No matter the region or industry you’re serving, as a services provider, you’re facing more pressure than ever to keep your customers’ companies safe and entirely operational. A few minutes of downtime can cost companies millions. Furthermore, data security problems pose even more significant issues. Making security a part of the solutions you deliver to customers is a challenge, of course, but it’s also a major opportunity. Attacks are more powerful than ever before and more diverse. The solutions and strategies for securing networks from these threats must become just as strong.

Originally published in: Business Solutions

Small to midsize businesses (SMBs) today are facing a growing list of technical challenges. They have to keep IT systems running with little or no downtime. And they need to continually evaluate new technologies — such as cloud solutions — to support their business objectives. As a result, we’ll increasingly see SMBs turn to cloud for core business functions, including payroll, email, human resources, and customer relationship management (CRM).

At Carbonite, we foresee SMBs facing various cloud-related challenges in the year ahead — challenges that will create many opportunities for IT solutions providers to expand their portfolios with solutions that enable SMBs for ongoing success. Here’s a quick look at some of the other key trends we think will shape the IT channel in 2016:

Hybrid Cloud Will Be The New Normal

SMBs are seeking ways to leverage new technologies across various business functions. The goal is to operate more securely, efficiently and in a way that’s budget friendly. The rising cost of downtime — which for SMBs ranges from $8,220 to $25,600 per hour, according to the analyst firm IDC — will prompt small-to-midsize companies to focus on deploying disaster recovery solutions that are powerful, yet flexible.

SMBs will be reluctant to deploy a 100 percent public cloud-based solution and will opt instead for hybrid deployments that ensure the security of local (on-site) storage with the convenience and extra layer of protection that the cloud provides. This presents a great opportunity for partners to deliver cloud-based disaster recovery solutions that support the shifting needs of the modern business. With the typical SMB today using three or four different products to cobble together disaster recovery, their partners can act as the advisor and problem solver who can be nimble and offer a comprehensive solution set to help them with their cloud journey.

Security Concerns Will Keep SMB IT Pros Awake At Night

Data loss will continue to be one of SMB IT professionals’ greatest fears. While external threats are abundant, internal threats, such as a virus, malware or ransomware event caused by an employee, will become common occurrences. Mitigating security threats will be a critical practice in the New Year, and this urgency provides IT solutions providers an occasion to review their clients’ security policies to refine their security postures. This process should include both educational exercises, including security awareness training sessions, in addition to thorough analyses of technical solutions. As the threat environment increases in complexity, it will be critical that IT solutions providers help their clients implement and update their backup software within an end-to-end disaster recovery bundle, which should also include updated antivirus software and ongoing support services.

Compliance Adherence Will Become An SMB Priority

As security and privacy issues propagate, a greater number of SMBs, particularly those in highly regulated industries, will focus on meeting regulatory mandates such as the Healthcare Insurance Portability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI DSS).

IT solutions providers who are looking to introduce their services to businesses within highly-regulated industries must be able to help their clients figure out how to obey the laws of the land when it comes to the confidentiality, integrity, and overall security of business data. Channel partners themselves must also remain compliant under certain mandates. As more business shift to the cloud for data storage, it’s imperative that IT providers offer their clients technology solutions that include airtight security measures — from offsite backup for disaster recovery, to encryption of customer data, to physically secure data centers.

Originally published in: Business Solutions

When it comes to cybersecurity, IT management in most organizations has heard it all from executives and bean counters — from “no need to worry about it,” and “too expensive” all the way to an unachievable “eliminate every vulnerability.” These attitudes create a budgetary and priority climate that increases the risk of an information security breach, by either failing to provide adequate resources for this important task, unnecessarily expending resources that would be more effective elsewhere, or by not commanding the board-level or senior management-level attention that will empower the IT and security teams to choose the most appropriate actions to support all the organization’s goals, including reducing risks to long-term profitability.

But there is hope — some companies are moving forward with sensible plans that align security measures with real business objectives. These efforts serve as good models for more companies to balance two conflicting objectives; on the one hand, restricting access to information and software to avoid the crippling consequences of a security breach, and on the other, providing extensive access and tools across a distributed workforce so that the firm can quickly and easily make plans and decisions, thereby taking advantage of new business opportunities.

The details of the best security plan for each business vary, but based on extensive research in this area, we’ve found that there are common themes — keys to success — that apply to every organization. These five keys can provide a framework for formulating and implementing an appropriate security infrastructure to meet your specific organizational needs.

The five keys to success are:

1. Network Segmentation. Networks should have internal perimeters that align with their functional areas, and reflect the data sensitivity and access requirements for those areas.
   
   Many breaches originate in one segment of the network, where the attackers find an exposed vulnerability for the easiest entry, then propagate to other unrelated segments of the network as the attack progresses. Without internal perimeters, attackers are able to use the easiest entry they can find to then access areas that are much more protected from direct outside attacks.
   
   It is essential to implement a hierarchical network infrastructure whereby different network areas can enforce unique data and access requirements, and to ensure that data flowing between segments is appropriately scrutinized. For example, employees in a call center environment should not need access to development environments, hence this activity should be restricted via access control lists (ACL) and administrative segregation of functions between environments.
   
   In addition to network segmentation, organizations must ensure that system administration functions are conducted from specific subnets and segregated networks. This allows more granular control of who may perform administrative activities, and from which network segment they are authorized to be conducted. Administrators are a favorite target of attackers for the level of access their accounts can provide.


2. Malware Detection And Prevention. Signature-based antivirus solutions are an essential first-line defense but are not sufficient to stop real-world malware threats on their own. Organizations must also consider monitoring network and email traffic for behavioral signs of malicious activity.
   
   Based on an analysis of the past few years, we estimate that signature-based antivirus solutions catch only 46 percent of the viruses in the wild. This is very important, because malware is often used as an initial attack capability to penetrate a network, leveraging a combination of both technical and human vulnerabilities. Additionally, malware often disables antivirus solutions to help increase its survivability.
   
   Organizations should consider implementing technologies which also scrutinize network and email traffic for signs of malicious activity related to malware. Including multiple points of detection and visibility, for example by investing in both host-based and network-based detection and quarantine capabilities, greatly increases the chances that an intrusion will be detected.
   
   Of course, to be even 46 percent effective, an antivirus solution must be installed on servers and end points, must be regularly updated, and must employ constant scanning. Many of our incident response engagements reveal systems and end points with outdated or no antivirus software installed. Which leads to the third key:


3. Patching And Configuration Management. Organizations must extend their attention beyond central resources and protect every distributed device that could give an attacker access to the network.
   
   Most breaches analyzed by NTT Group in 2014 included the compromise of systems that were missing security patches or did not have common security configuration hardening applied. In 2014, 76 percent of unpatched vulnerabilities with available patches were more than two years old — and almost 9 percent were more than 10 years old. Malicious attackers seek out systems with unpatched vulnerabilities as a means of gaining an initial foothold into a system or network.
   
   Configuration and patch management are not new concepts, but something most organizations are still doing poorly. Many organizations place attention on patching critical and public facing servers; however, most attacks today are focused on end-user and third-party applications, exploiting desktop software like document viewers, Web browsers, and their plug-ins which are less frequently patched by many organizations. Implementing an active, aggressive patch management program can greatly reduce the risk of these common vulnerabilities.


4. Monitoring. A determined attacker can usually breach a network’s perimeter, so detection and immediate action is essential. Only an ongoing monitoring program covering system communications can detect anomalous activities that can indicate an ongoing breach.
   
   Some of the breaches analyzed by NTT Group in 2014 had been in process for months or longer, discovered well after the initial compromise and after data had already been lost. Attackers often conduct a patient attack campaign, extending their initial access to increase their control through the victim’s environment while avoiding detection. Some of these breaches had even been reported by malware and intrusion detection systems (IDS) systems but either went unnoticed by security personnel or were treated as false-positive alerts and ignored.
   
   To be effective, monitoring must include not only system logs and alerts, but also ongoing behavioral analysis, that can detect anomalous activity in an environment. For example, if systems which had never communicated before are suddenly exchanging large amounts of information, that could be an indicator of a breach. Security engineers can help your organization identify the logs, devices and systems which provide the most value and context. Consider logging at the network layer and the application layer, and in cooperation with a security engineer, consider logging externally facing IDS/IPS (intrusion prevention systems), firewalls, Web application firewalls (WAFs), but also consider directory services, antivirus, file integrity monitoring, databases, Web applications, proxies, and data loss prevention (DLP). Outbound traffic is often overlooked but can provide a key indicator of a breach as the goal of most attackers is to exfiltrate data from a compromised network.


5. Incident Response: Surveys of organizations indicate that most have no functional incident response plan. In the event of an attack, the lack of an actionable plan extends the duration and losses associated with an attack.
   
   Companies should prepare an incident response plan that covers these common questions, based on observations of many organizations after an incident occurred:
   
   
   • Was the organization actually under attack?
   • Did the alerts actually indicate a breach?
   • Who from the organization should respond?
   • Is the organization primarily interested in retaining evidence of the breach, restoring service, protecting data, or is there another priority?
   • What systems and/or data should receive the highest response priority?
   • Who are the organization’s third-party vendors (their ISP, for example) and who are the contacts (with contact phone numbers) at those organizations?
   By considering each of these five key control areas, organizations can align their efforts with their business objectives and create a strong security foundation. And, should an attack or breach occur, they will be in a much better position to detect it, mitigate the effects of it, and recover from it more efficiently and with a better long-term outcome.

Originally published in: Business Solutions

Moving at the speed of business today means providing immediate access to critical business data and applications, regardless of whether workers are on-site or working remotely. It also means enabling workers to respond quickly to customer and partner requests via e-mail and instant messaging, and leveraging cloud computing to support instant collaboration between workers, customers, and partners in different geographic locations. But what many businesses and consumers discount are the relentless threats waiting for them once they “power on” and use the Internet and cloud computing to get it all done.  

To help build greater awareness of how threats are impacting businesses and consumers alike, we just wrapped up National Cyber Security Awareness Month in October. And, while we advocate awareness around cybersecurity year-round, this national focus gives managed services providers (MSPs) and solution providers a prime opportunity for engaging and educating clients on the topic.

Here are seven ways that MSPs and solution providers can increase cybersecurity awareness among their customers:

1. Use stats to communicate the importance of cybersecurity. . For example, roughly, 81 percent of all data breaches happen to small businesses, and 60 percent of SMBs that are victims of a cyberattack go out of business within six months.


2. Teach end users how to protect themselves from cybercrime.. Showing your customers how to turn off auto-downloads for attachments and save and scan attachments before opening them is an effective way to help prevent an incident.


3. Share examples of what an attack might look like..PC Risk offers some great examples of the common types of computer infections. Examples like these make your lessons about safe behavior online more effective. Also, show your customer what it would look like if their system became infected by malware so they recognize the warning signs and know to alert someone immediately.


4. Keep customers informed about current threats..An email blast or hosting a webinar is a good way to do this, and you can also include a cybersecurity section in your customer newsletter.


5. Schedule regular refreshers and tests with customers’ employees.: Take this opportunity to share best practices for password management and avoiding phishing and keylogger scams. Encourage people to participate by offering rewards to employees with the highest scores.


6. Encourage your customers’ employees to share potential errors right away.Accidentally clicking on a suspicious link is a good example of this, and by telling someone immediately afterward, the employee can minimize the amount of time between a potential breach and getting it addressed.


7. Periodically assess your customers’ security posture. CompTIA’s IT Security Assessment Wizard is a great resource for identifying your customers’ strengths and weaknesses when it comes to IT security, so that you can help them make adjustments to better protect their businesses.

These are just a handful of the ways that MSPs and solution providers can foster meaningful conversations and encourage customers to be more proactive around cybersecurity.

Originally published in: Business Solutions

Unless you're building your business from scratch, you probably use various apps, cloud services and platforms in your day-to-day operations. However, those apps probably don't work very well with each other—or with your legacy software. That leaves you constantly moving data from one app to another or reentering the same information in multiple apps.

The tools that were supposed to make your work easier have now become more work. How can you make using your apps and platforms more efficient so you spend more time making money than you do working in apps?

Access and Streamline Administrative Systems

"Small businesses end up spending too much time on administrative functions rather than on profit-making and progress," says Laurie McCabe, co-founder and analyst at The SMB Group.

"Take stock of where you are today. Instead of trying to patch systems together, find what's working and what's not. Look for issues you haven't yet addressed, too," says McCabe. "Look at what will move your business forward rather than what will keep your business in place."

Don't just add additional apps to the mix in an effort to keep abreast of your workload. Instead, look for places where you can add efficiencies that get the work done and that push your company ahead.

Invest the time to think this process through carefully. If done correctly, streamlining your operations will save you money, increase your profits, and propel your company forward. Be sure to plan for your company's growth too, because you don't want redo this exercise again anytime soon.

"When our company looks for software, we start by quantifying the problem we need to solve, or the opportunity we want to pursue," says Will Reynolds, CEO of SecureDocs, a virtual deal room for fundraising, mergers and acquisitions, and other deals for small business.

"Items that drive revenue will always be the most important—our marketing software is our biggest expenditure. Cost-saving software and time-saving software follows that. For us, the choice comes down to a balance between usability and the total cost of ownership," Reynolds added.

Which Comes First: Platform or App?

If you're just starting your business, and you don't have software platforms or apps in place, the answer to this question is simpler.

"Start with a cloud platform right off the bat if you're a startup," says McCabe. Look for a platform with integrated apps that address all your needs. "If you're looking for a complete overhaul of an existing setup, then the sky's the limit. You can choose any platform with integrated apps that suit your needs."

However, if you're like most small business owners, you have a combination of apps, platforms, and legacy systems in place. How do you straighten out that can of worms?

According to Jonathan Levine, CTO of Intermedia, an IT services company, you have options. "Several cloud-based tools can help tie applications together. Examples include services like Microsoft Azure Data Factory, Zapier, Elastic.io, IFTTT, ItDuzzit, and CloudWork," says Levine. "These tools can orchestrate applications, synchronize data between applications, or cause actions in one application to trigger actions in another."

It's smart to put a lot of thought into platform and app selection and integration, because your future success depends on making good choices.

"Switching platforms is a dangerous task for small businesses, so pick something that you can customize over time to suit your business needs," advises Brendan Peterson, product marketing manager of Scribe Software, a data migration and integration product provider.

"Integration drives [employee] adoption, so make it a priority. Whether it's just syncing old contact data, or tying in a legacy database to your new systems, employees will immediately benefit from having that data at the tips of their fingers instead of calling IT in to get a dump of data. Integrate early, and integrate often," advises Peterson.

But what if you're too overwhelmed with the choices, find them too expensive, or you're simply too busy to stop and change everything?

"Pick an anchor app that you like and that works well for you—maybe Sage, Intuit, Salesforce.com—whatever your favorite, most useful app might be. Then look at its ecosystem to find other apps that integrate with your anchor app," recommends McCabe.

If you've identified a need for which you do not have an app, you can likely find one in your anchor app's ecosystem. If not, try several apps for the free trial period, choose one that does what you need, and look at its ecosystem for additional integrated apps.

"The burden of integration is moving to the supplier," says Mike Bertrand, founder and CEO of MoneyStream, a money management app provider. "If possible, stick with products that already talk—are integrated—with each other." But be careful of future-app promises.

"Company roadmaps change," warns Bertrand. "If a company says that it's planning a future integration, understand that the integration may be a ways off. And don't be surprised if it doesn't show up at all. Not necessarily due to bad intent, but for good business reasons that have nothing to do with your small business."

Other Sources for Help with App Integration

If you're still unsure how to proceed after reading and using the tips above, you can hire a consultant, a value-added reseller, a professional integration team, or turn to your peers for suggestions.

"Use your network to ask what's worked for companies and individuals in a similar business," says Garrett Brown, chief revenue officer at Bitium, an identity and access management security supplier.

"Beyond that, Quora is a great resource for getting crowd-based feedback on any questions you may have," Brown adds. "Online software review sites like G2Crowd.com and TrustRadius.com can be helpful for learning the basics about a product and for identifying competitive products that you might also wish to evaluate. But beware of sites that allow providers to pay for placement or reviews that might not be genuine."

Don't forget to ask professionals you work with regularly for their recommendations on software, too.

"Your CPA or accounting services provider is another great source of information. The good ones will have the ear of accounting technology vendors and will know about all the latest products and features," says Dennis M. Najjar, co-founder of AccountingDepartment, a virtual accounting and bookkeeping service. "They will also have feedback from other clients who use them and be able to warn you about any pitfalls they've experienced."

While change may be daunting, remember that the reason you went into business was to make money, not to just have something comforting to do. Adding efficiencies to your business will pay off in the end.

"Change is hard for a small business," says McCabe. "Take the time to streamline stuff and automate the backend so that you can move on to bigger profits and more growth."

Originally published in: Small Business Computing

ScienceLogic releases "Trends in Global Cloud Adoption" survey.

Many organizations lack advanced visibility, monitoring and infrastructure control in their public cloud environments, according to a new ScienceLogic survey of over 1,600 IT professionals.

The survey, titled "Trends in Global Cloud Adoption," revealed 82 percent of respondents were unable to ensure optimum performance, health and availability of public cloud workloads due to lack of advanced visibility into their public cloud infrastructure.

Forty-six percent also noted that they do not, or do not know how, to proactively monitor their public cloud workloads.

"These results illustrate that cloud adoption isn't just a technology fad," said ScienceLogic CEO Dave Link in a prepared statement. "As hybrid IT and multi-cloud usage becomes mainstream for organizations, so does the need to simplify workload visibility and management for IT teams."

Other survey results included:

• Over 75 percent of respondents said shadow IT and cloud sprawl is happening within their organizations.
  
• 65 percent said they feel that IT has less control over the infrastructure in their public cloud environments.
  
• Organizations lose an average of about $3.9 million, or about $12,200 per minute, annually due to network outages.
  
• 50 percent of organizations said they have experienced at least one complete network outage in the past 12 months. Of those, 27 percent noted that they have experienced over two hours of downtime per event.
  
• Network failures are the source of the majority of reported outages, with 26 percent citing network device failures, 24 percent citing circuit failures and 18 percent citing network configuration errors.

In addition, a recent study from Seattle-based data center operator Digital Fortressshowed the majority of IT decision-makers in large and mid-sized U.S. companies said they want to outsource their public cloud management to managed service providers (MSPs).

The study revealed 70 percent of respondents pointed out that they preferred to deal with a single vendor to manage their entire IT infrastructure.

How can MSPs help customers reap the benefits of the public cloud?

Gary Quinn, CEO of data protection and storage virtualization solutions providerFalconStor, told MSPmentor he believes ensuring customers are using the "right cloud at the right time" is essential for MSPs. 

"You need to look at the different types of 'enterprises' and what they are using the public cloud for within their IT workloads," he said. 

Educating customers about the public cloud also enables MSPs to ensure their customers can optimize their cloud usage.

"Applications such as email, customer contact systems, sales productivity tools [and] financial systems all have a place in public cloud environments," Quinn said. "[But] the use of the public cloud for “custom applications” and high-volume transaction applications are most likely not the place where the public cloud would be used."

Originally published in: MSP Mentor

NEWS ANALYSIS: As the line blurs between on-premise and public cloud computing, demand will be greater for external expertise to make sense of it all..

The primary issue with integration in the cloud comes down to the maturity of the organizations using it, said John Joseph, vice president of marketing at Scribe Software. Going into 2016, however, Joseph said he expects to see a significant wave of integration activity at all levels of the enterprise.

"A lot of the cloud applications are currently disconnected," Joseph said. "Most organizations are still focused on getting cloud applications up and running. Then they'll focus on integration."

The Next Big Opportunity

Still, the channel for the most part remains firmly convinced that hybrid cloud computing represents the next big opportunity for solution providers. While a recent survey from Verizon Enterprise Solutions shows that many application workloads are clearly moving into the cloud, there will still be plenty of application workloads that will not move into a public cloud. As a result, IT environments are by definition becoming hybrid clouds, which creates additional levels of IT complexity that solution providers are uniquely positioned to address

"Somebody still has to manage it all," said Ralph Blanco, president of Executive Computer Management Solutions, a solution provider based in Struthers, Ohio. "Customers want someone to manage their data regardless of where it is." Similarly, Jeff Robles, senior business consultant for I.T. Solutions of South Florida, a solution provider based in Lake Worth, Fla., notes that, when it comes to the cloud, solution providers simply need to be savvy about where they pick their spots.

• Over 75 percent of respondents said shadow IT and cloud sprawl is happening within their organizations.
  
• 65 percent said they feel that IT has less control over the infrastructure in their public cloud environments.
  
• Organizations lose an average of about $3.9 million, or about $12,200 per minute, annually due to network outages.
  
• 50 percent of organizations said they have experienced at least one complete network outage in the past 12 months. Of those, 27 percent noted that they have experienced over two hours of downtime per event.
  
• Network failures are the source of the majority of reported outages, with 26 percent citing network device failures, 24 percent citing circuit failures and 18 percent citing network configuration errors.

In addition, a recent study from Seattle-based data center operator Digital Fortressshowed the majority of IT decision-makers in large and mid-sized U.S. companies said they want to outsource their public cloud management to managed service providers (MSPs).

The study revealed 70 percent of respondents pointed out that they preferred to deal with a single vendor to manage their entire IT infrastructure.

"Somebody still has to manage it all," said Ralph Blanco, president of Executive Computer Management Solutions, a solution provider based in Struthers, Ohio. "Customers want someone to manage their data regardless of where it is." Similarly, Jeff Robles, senior business consultant for I.T. Solutions of South Florida, a solution provider based in Lake Worth, Fla., notes that, when it comes to the cloud, solution providers simply need to be savvy about where they pick their spots.

"When it comes to Microsoft Exchange, for example, we try to get it into the cloud," Robles said. "But the customers still need someone to function as their CIO regardless of where something is deployed."

While it may still be unclear just how homogeneous versus heterogeneous hybrid cloud computing may actually turn out to be, there's no doubt that as the line between on-premise and public cloud computing continues to blur, the demand will be greater for external expertise to make sense of it all.

-See more at: http://www.channelinsider.com/cloud-computing/the-coming-of-the-hybrid-cloud-2.html#sthash.zs6qYAM8.dpuf

Originally published in: Channel Insider

MSPs and solution providers have an opportunity to grow their businesses by including CaaS as part of their managed services and security offerings. Here’s why.

As countless experts in the IT channel will attest, specialization is key to building a thriving business. With an increasing number of MSPs and solution providers heeding this advice, it is not uncommon to come across channel partners that are focused solely on serving clients in the healthcare, legal, banking or financial services industries. Now, those who already possess this vertical market expertise have an opportunity to differentiate themselves even further and grow their businesses by focusing on meeting a critical business need--compliance.

SMBs operating in the healthcare, financial services and other regulated industries often do not have the expertise in-house to keep on top of constantly evolving regulatory standards, such as HIPAA, FINRA and PCI DSS. And, with covered entities and business associates now sharing the risk and responsibility for security breaches and data theft, many of these businesses are entering into previously uncharted territory, which is driving the need for Compliance-as-a-Service (CaaS) offerings.

This, in turn, is providing MSPs and solution providers with an opportunity to grow their businesses, by including CaaS as part of their managed services and security offerings. Here’s why:

1. Security assessments alone are not enough:While they are important to protecting an organization’s critical data and infrastructure, security assessments can only pinpoint vulnerabilities at the time of the assessment. For example, in between security assessments, an organization or its employees may begin using a new software or infrastructure solution that is not compliant with regulatory standards. This can leave the organization exposed to data breaches, malware attacks and other security incidents. Through a CaaS offering, MSPs and solution providers can continually monitor application and data infrastructure, and ensure that security protocols are up to date and that data and information are consistently handled in compliance with industry-specific standards and regulations.


2. An ounce of prevention is worth a pound of cure: If an organization is found to be non-compliant with HIPAA or other regulatory standards due to the use of new software or infrastructure solutions, they are liable to pay hefty fines, and risk their reputation in the event of a data breach or other security incident. MSPs and solution providers can help to prevent this from happening by leveraging CaaS to ensure day-to-day compliance with regulatory standards.


3. Education is essential to long-term success:Because standards are constantly evolving in order to adapt to new market conditions and threats to data security and privacy, it can be difficult for organizations to keep on top of the latest changes. MSPs and solution providers with CaaS offerings are in a great position to educate customers on these changes in real-time, and help them identify new products and solutions that will enable them to achieve and maintain compliance with these evolving standards over the long term.
   
   Without a doubt, CaaS meets a critical business need for organizations of all sizes operating within regulated industries. MSPs and solution providers that are able to demonstrate their expertise in compliance, as well as a proven track record for success in this area, will uncover new opportunities to generate predictable revenue streams that will in turn drive success for their business.

Originally published in: MSP Mentor