www.thechannelstandard.ca
THE
MARCH/APRIL 2013
CHANNEL STANDARD
SRIKANTH NADHAMUNI, KHOSLA LABS
Helping India leapfrog from no ID to digital ID PAGE 10
CHRIS DOGGETT, KASPERSKY LAB:
Kaspersky focused on a partner-led strategy PAGE 24
CRITICAL INSIGHT FOR CHANNEL MANAGEMENT
SECURITY:
The Channel Standard
TRENDS AND SOLUTIONS www.itincanada.ca
StandardSMB-ready server solutions Experts offer IT security predictions for 2013 On location with Kaspersky Lab Single-sign-on solutions for the cloud
Do your sales reps spend more time looking for special pricing approvals than talking to customers? Is your purchasing team struggling to keep up with requests to validate pricing and discounts?
Is your sales team aware of all your customers’ upcoming maintenance, support and warranty renewals? Are your client entitlements lapsing, leaving your customers exposed and your accounts vulnerable to your competitors?
We Can Help
rs s?
CONTENTS
13.03
FEATURED THIS ISSUE SMB-READY: STATE OF SERVERS Kevin Priddle works with six leading vendors to identify new trends in SMB server offerings for 2013
CONTRACT CRITICAL
David Gammon summarizes three sources to help you find the right Independent Professionals: referrals, advetising and staffing agencies.
CASE STUDY: SCANNING IDS ON THE INDIAN SUBCONTINENT “Aadhaar” is an ambitious biometric “one platform” ID system introduced by the Indian national government to support more efficient service delivery
TECHNOSPECTIVE ON SECURITY: GET SECURITY SMART Six leaders from the IT security space offer their predictions for the security threat landscape in 2013
ON LOCATION A new focus on a partner-led strategy was unveiled at the 6th annual Kaspersky Lab North American Partner Conference in Cancun, Mexico
RESEARCH FEATURE ITMD’s Michael O’Neil offers a look at where IT buyers turn to learn about solutions
SPECIAL BID PRICING
Tracker Networks’ Jason Doel identifies a flat growth in special bid volume versus January 2013 but highlights a significant drop compared to this time last year
14 09 10 12 24 28 30
4 CCO VIEW
The link between Moneyball metrics and success in the security market
6 CANADIAN CHANNEL NEWS
SYNNEX enters agreement to acquire Supercom Canada, Dell adjusts Premier tier of PartnerDirect channel program, Protecode partners with Abilis Solutions to expand open source license compliance, EMC enhances its Velocity channel partner program, and new incentives and opportunities unveiled at VMware Partner Exchange 2013
20 GLOBAL VIEWS: SINGLE-SIGN-ON SOLUTIONS FOR THE CLOUD
ChannelPro SMB’s Ellen Muraskin outlines how single-sign-on solutions have created secure gateways for mixed environments of cloud and on-premises applications
21 GLOBAL VIEWS: THE ‘POST PC’ THREAT LANDSCAPE—WHAT YOU NEED TO KNOW
ChannelPro SMB’s Colleen Frye reviews two recent reports from Trend Micro and declares that the cyberthreat landscape has officially moved into the “post PC” era
22 GLOBAL NEWS FROM CHANNELPRO SMB
Ingram Micro to distribute GLOBO mobile management solutions, Sepaton’s latest data protection platform offers “Encryption of Data at Rest,” the healthcare vertical gets a mobile tablet option, and SolarWinds announces a server and application monitor update
March/April 2013 | 3 | The Canadian Channel Standard
CCO VIEW
SECURE CHANNEL BY MICHAEL O’NEIL
I
t’s spring, which means baseball to parse through the differences; has begun, which means in turn marketing being what it is, most that millions of “us” (I’m in – are communiques are heavy on promises you?) are tuning into box scores and of offering a “solution,” and light on message boards to catch up with our just what problem is being solved, and teams and players. which other problems remain after If you haven’t spent time on a resolution. baseball site in a few years, though, you I don’t believe that this difficulty is may have trouble latching onto today’s contained within the analyst and press discussion. For many years, the key stats communities. If I were an IT manager in baseball were simple, and generally, at one of Canada’s one million SMBs, based on simple counting: home runs, or if I were the business executive to RBIs, wins, saves. whom that IT Even those that manager reported, required some math “When you come to a fork I would be equally (batting average, mystified by the in the road, take it” ERA) were intuitive. range of threats Today, though, and responses – - Yogi Berra there’s a whole new and eager for help lexicon, requiring in unraveling the different kinds of understanding (and code. advanced calculus, if you want to This, of course, is good news for the keep score at home!). Watch the game, channel, which lives by the mantra and you’ll still see a pitcher toe the “in mystery there is margin.” And rubber, and deliver; a batter connect; unlike many other product categories a fielder sprinting towards where the (servers, storage, PCs…), security is not ball is heading. Read about the play negatively affected by the increasing afterwards, though, and it’s not a simple use of cloud computing – in fact, the “6-3” in your scorecard, it’s an entry need for security is magnified by cloud. that affects FIP, DICE, BABIP, ISO, OBP Security applies to everyone, whether (and OPS, of course!), UZR, PADE, WARP, they are “old school” (RBIs, anti-virus, BsR, and dozens of other categories; corporate reputation) or members of there’s even a quantitative measure the Moneyball generation (fWAR, DLP, (appropriately, NERD) that describes the identity as a perimeter). aesthetic appeal of a pitcher or team In this issue, we walk you through (team formula: AGEzx2+BATz+HR/ some of the opportunities that we are FBz+(SBAz+SBRz+XBTz) seeing in security (and in servers – like x.33+BLz+UZRz+PAYz+LUCK). “wins” and “runs scored,” some issues The information and insight gleaned are important to all perspectives!). from these evolved approaches is far We’ve also included some new IT Market deeper and more accurate than the stats Dynamics research on marketing, to used in simpler times – but it’s difficult illustrate how buyers receive and react for the “casual fan” to tap into the to information on IT solutions – so that discussion. you can market to the needs we’ve On many days, I feel roughly the same underscored in this issue! way about security. At IT in Canada, Looking forward to seeing you we are regularly approached by more succeed – and to seeing how the Red than 100 suppliers of security products/ Sox perform as an underdog. services. At a casual level, it’s difficult
March/April 2013 | 4 |
Volume 2, Issue 3 EDITORIAL Michael O’Neil | Chief Content Officer michael.oneil@itincanada.ca Kevin Priddle | Associate Editor kevin.priddle@itincanada.ca CONTRIBUTORS Mary Allen Jason Doel David Gammon Ellen Muraskin Colleen Frye ART & PRODUCTION Elena Pankova | Senior Art Director elean.pankova@itincanada.ca David Potocki | Art Director davidp@precision-multimedia.com THE CANADIAN CHANNEL STANDARD - SALES Patricia Bush | National Account Manager trisha.bush@itincanada.ca EVENTS Sandra Service | Events Manager sandra.service@itincanada.ca CIRCULATION James Watson | Circulation Director circulation@itincanada.ca
T
P • • • • • • •
CORPORATE INQUIRIES John R. Jones | Publisher john.jones@itincanada.ca HOW TO CONTACT THE CANADIAN CHANNEL STANDARD Telephone: 905-727-4091 Editorial issues: Michael O’Neil, Chief Content Officer, IT in Canada network michael.oneil@itincanada.ca Business issues: John Jones, Chief Operating Officer, IT in Canada network john.jones@itincanada.ca SUBSCRIPTION INQUIRIES For help with subscriptions, please contact circulation@itincanada.ca To subscribe to The Canadian Channel Standard in print, as a digital magazine – or to receive our daily e-newsletter – please visit us at www.itincanada. ca/registration
• • • •
The Canadian Channel Standard is published 10 times per year and is found on the web at www.channelinsider.ca One year subscription rates: One year subscription rates: Canada, $50, US $60 (US) and foreign $90 (US). Single copies $5.00. Please add HST where applicable. Complimentary subscriptions available to qualified Canadian readers. When notifying of an address change, please include address label to ensure continuity of service. All rights reserved. The contents of this publication may not be reproduced either in part or in whole without the permission of copyright owner. The views expressed in this publication are not necessarily those of the publishers. REPRINT INFORMATION High quality reprints of articles or additional copies of the magazine are available through IT in Canada. Please contact us by phone at 905-727-3875 x336 Canadian Publication Mail Agreement # 41382532 All rights reserved. No part of this publication can be reproduced without written consent; inquiries should be addressed to inquiries@itincanada.ca
The Canadian Channel Standard contains articles under license from EH Publishing, Inc. The EH articles in this issue are reprinted by permission of CHANNELPRO SMB, copyright ©2012, EH Publishing, Inc
The Canadian Channel Standard
Ca Co
THE PORTABLE
P-215 SCANNER • COMPACT AND CONVENIENT • SINGLE USB POWERED (USB 3.0 READY) • MAX SPEED 15 PPM • BUILT-IN CARD READER • 20 SHEET DOCUMENT FEEDER • BUNDLED SOFTWARE FOR MAC AND WINDOWS • INCLUDES ISIS/TWAIN DRIVERS
• • • •
USB 3.0 ready Mac and PC compatible Only 2.2lb. Card Scanning
. RD . A T H KS MAR E. R S WO KS HER R W WO ANY S RK O W
Canon is a registered trademark of Canon Inc. imageFORMULA is a trademark of Canon Inc. © 2012 Canon Canada Inc. Contact your Authorized Canon Distributor to see it today or visit www.canon.ca/contactus to request a demo.
www.canon.ca
CHANNEL NEWS
NEWS HIGHLIGHTS FROM IN AND AROUND THE CANADIAN CHANNEL BY KEVIN PRIDDLE
1
SYNNEX to acquire Supercom Canada
On March 6, SYNNEX Canada announced that it has entered into an agreement to acquire Supercom Canada Ltd., a fellow Canadian distributor of IT and consumer electronics products/services, for a purchase price of approximately $36.5 million (CDN). “Over the past 24 years, Frank Luk and Supercom have built an enviable reputation in the Canadian IT market,” Kevin Murai, president and CEO of SYNNEX Corporation, said in a release. “We are excited to have the Supercom team as part of our company.” “The acquisition demonstrates our continued commitment and investment in the Canadian [market],” Mitchell Martin, president of SYNNEX Canada, said to The Standard in an interview. “Canada is a very strategic geography for SYNNEX as a whole… and the investments we’ve made in Canada make us that much more capable in terms of helping [partners and customers] grow their business.” In addition to growing SYNNEX’s market share in Canada and providing access to larger relationships with key vendor partners, Martin says one of the main benefits the acquisition will bring to SYNNEX is the talent pool of Supercom’s over 250 employees. “It’s an outstanding group of folks,” Martin said. “[They are] tenured employees that really understand the business.” Frank Luk, Supercom’s president, is a key part of that talent pool that will be integrated into SYNNEX. After the deal closes, Luk has agreed to join SYNNEX Corporation as senior vice president of partner advocacy reporting directly to Kevin Murai. Martin said that while they are competitors in the Canadian IT distribution space, a number of SYNNEX leaders including himself, Kevin Murai and SYNNEX March/April 2013 | 6 |
founder Bob Huang have been “good friends with Frank for a long time.” “We have bought product from Frank and Frank has bought product from us, so we’ve always been very close,” Martin said. “He has very deep relationships with many vendors, so his job will be to help us grow those partnerships on a worldwide basis. Similarly he has some very deep relationships on the customer side in Canada and the U.S. [and] he will leverage those relationships to help us grow within those accounts.” “We are delighted to join SYNNEX Canada,” Frank Luk, said in a release. “I want to thank all my employees, vendor partners and customers for their loyalty and support to Supercom and I look forward to continuing to work with them under the combined SYNNEX Canada.” The transaction, which is subject to regulatory and other approvals, is expected to close sometime between March 31 and April 15, at which point Martin says he looks forward to partnering with Frank Luk to “make SYNNEX the largest distributor in Canada.”
2
Dell adjusts PartnerDirect Premier tier
The top tier of Dell’s PartnerDirect program just got a little more exclusive. At the beginning of March, Dell announced that it is raising the revenue requirements on its enterprise products for North American Premier partners in the PartnerDirect reseller program. Under the changes, Canadian partners will need to sell at least $750,000 (USD or equivalent) of Dell enterprise products during the previous four rolling quarters and their American counterparts now need to sell $1 million during the same period. Qualifying enterprise products include Dell EqualLogic, PowerVault, PowerConnect, PowerEdge, KACE, Compellent, Force10 and AppAssure. The current volume requirements The Canadian Channel Standard
CHANNEL NEWS
Kathy Schneider, executive director for global channel marketing and programs, Dell
are $750,000 in the U.S. and $500,000 in Canada – representing a 33% and 50% hike respectively. Existing partners who have achieved Premier status before March 4, 2013 will retain this status and its benefits until August 2, 2013. But on August 2, 2013, partners who have retained the Premier status will need to meet the new threshold in order to remain in this tier for Dell’s new fiscal year. Similar adjustments
were made in EMEA last year. The Preferred and Registered level requirements will stay the same, while Premier partners will still need to achieve two or more PartnerDirect certifications and complete one Dell Solutions training course in addition to the new revenue threshold requirements. Dell says there has been tremendous growth within the Premier and Preferred partner base since they were introduced to the PartnerDirect program in May 2011. Changes to the Premier level are meant to reflect the maturity of the program and the commitment, investment and business growth by its top tier of partners. “The revision of our Premier partner tier is designed to keep this top level as an exclusive group of partners who have demonstrated the highest level of commitment and capability to Dell,” Jim Defoe, VP of North America channel programs sales, said in a release. “At the same time we are introducing a new solution incentive for Premier partners effective immediately.” The new solution incentive Defoe refers to gives Premier partners the ability to earn additional incentives based upon the number of lines of business (storage, server, networking) they sell to customers. The incentive came into effect on February 2 and aims to increase the variety and number of different Dell lines of business solutions VARs offer their customers. “This forms part of our continuous evolution of the PartnerDirect program and is based on partner feedback,” Kathy Schneider, executive director for global channel marketing and programs, said in a release. “The Premier tier recognizes excellence and expertise, and partners who wish to stay in the Premier tier have over four months’ notice of the change in thresholds so we hope as many of them as possible will continue to be Premier partners.”
3
Protecode partners with Abilis Solutions to expand open source license compliance
Protecode, provider of open source software license management solutions, recently announced the expansion of its software code assessment and product support services through a partnership with Montreal-based Abilis Solutions, which specializes in the design, development and implementation of business solutions in information technology. Through the new partnership, Abilis can now provide software license assessment services and support to customers throughout the United States and Canada. “Software development organizations today are leveraging open source code to speed up development, reduce costs, and remain competitive. Increasingly, these organizations want to make open source license management part of their governance and quality development processes,” Éric Le Goff, president of Abilis Solutions, said in a release. “We are proud to partner with Protecode to help further expand our service offerings to our U.S. and Canadian customers.” Protecode says the combination of Abilis Solutions’ expertise in implementing complex software projects and its own automated license scanning tools will help organizations identify third party content in their software portfolios, and remove any uncertainties around IP ownership of software involved in a transaction. “Abilis brings extensive knowledge of software development practices in diverse areas such as government, healthcare, finance, and energy, making them an ideal partner for Protecode,” Mahshad Koohgoli, CEO, Protecode, said in a release. “Their expertise and existing North American presence will help us meet the increased demand for software code assessment services.”
4
EMC enhances Velocity channel partner program
In an effort to provide a simpler, more predictable, and more profitable experience for channel partners across the globe, data storage and information solutions vendor EMC recently announced a set of enhancements and changes to its Velocity solution provider program. In addition to doubling its investment in demand generation funds, programs, and resources, EMC has now integrated the EMC Isilon partner program into the Velocity program to open up more benefits for former Isilon partners on other EMC products and to give existing EMC resellers the opportunity to earn benefits from selling Isilon. “That makes it easy for the partners… and it allows us to consolidate the rebates we pay partners so that everything counts towards [the same] rebate target,” says
March/April 2013 | 7 | The Canadian Channel Standard
Continued on page 8
CHANNEL NEWS Continued from page 7
Michael Kerr, director of channels at EMC Canada. EMC is now also offering new rebates to its Premier and Signature level Velocity partners on specific target products that the company has deemed strategic mid-market initiatives. Products eligible for these new rebate incentives Michael Kerr, director of include EMC VNX and channels at EMC Canada VNXe unified storage, EMC Avamar and EMC Data Domain backup and recovery solutions, and server Flash caching solution EMC VFCache. “We pay this rebate from the very first sale and it can be combined with other existing rebates dependent on the level of the program that a partner currently enjoys,” Kerr says. Changes to Velocity specialty requirements no longer demand that partners earn an implementation certification to achieve a specialty, which offers “pureplay” resellers an easier path to achieve Velocity specialties and the benefits that accompany them. But EMC still encourages partners to become “servicesenabled” and has also provided enhancements for partners that do include services in their business model. Revenue requirements for reaching Velocity specialties have been removed and focus has been placed on the level of investment a partner makes in EMC practices and certifications - an enhancement that opens up a lot of opportunities for smaller VARs and service providers, according to Kerr. “In the past, you had to have $10 million in annual sales to make Signature and it’s sometimes very difficult to reach those levels, particularly in a country like Canada,” Kerr says. “Now we’re trying to encourage partners to participate with us more based on their investment in skills [rather] than in their revenue gates.” To reach the Premier level partners now just need one specialty (consolidate, advanced consolidate, or backup and recovery) and to achieve top tier Signature level, partners just need to earn all three specialties without worrying about reaching minimum annual revenue targets. “If I’ve got a small partner, say with less than 20 employees, and they allocate five people within that organization to learn our product set that’s a significant investment on their part,” Kerr says. “I should recognize that investment, which we now do.” The partners that are becoming the most profitable are the ones that are investing in knowledge and March/April 2013 | 8 |
certifications to go to market and advise customers, he says. Those partners that are not providing the full solution and services will begin to become either takeover targets or minimized in the marketplace.
5
New incentives and opportunities unveiled at VMware Partner Exchange 2013
At its recent Partner Exchange 2013 conference, virtualization and cloud infrastructure vendor, VMware, announced a set of new programs, incentives and benefits aimed at enabling its partner community “to deliver complete virtualization, cloud and mobility solutions that simplify IT infrastructure from the datacentre to the mobile workspace,” according to a release. “As the industry embraces the software-defined datacentre, we continue to double down on our partner community with programs, incentives and benefits that open up significant, long-term business opportunities to deliver next-generation IT solutions to customers,” Dan Smoot, VMware’s SVP of customer operations, said in a release. The Cloud Credits Purchasing Program is a new initiative that offers solution providers a revenue stream by selling prepaid credits to be used for subscription-based hybrid or public cloud services offered by authorized VMware vCloud service provider partners. VMware says solution providers can augment their private cloud sales with “credits” toward a public cloud service provider offering, enabling them to capture more “upfront revenue” and provide their own unique valueadd to customers. Authorized VMware vCloud service providers can benefit from customers redeeming their cloud credits in exchange for cloud services based on hybrid cloud architecture. VMware is also offering new incentives for the recently introduced VMware vSphere with Operations Management, which aims to offer customers greater operational insight into VMware vSphere and optimize capacity. For a limited time, VMware is offering an advantage+ Accelerator, which gives an additional upfront discount on eligible VMware vSphere with Operations Management SKUs, the company announced at Partner Exchange. Attaining the VMware Management Competency also helps partners earn additional rewards on VMware vSphere with Operations Management sales through VMware’s Solution Rewards program. “To take full advantage of the opportunities VMware vCloud Suite affords, VMware offers enhanced Solution Rewards opportunities to partners that achieve all five of VMware’s datacentre- and infrastructure-focused competencies, as well as customized professional services IP to help build and deliver packaged or customized services,” a release stated.
The Canadian Channel Standard
CONTRACT CRITICAL
FINDING THE RIGHT INDEPENDENT PROFESSIONAL How to leverage referrals, advertising and staffing agencies in your search for the perfect IP BY DAVID GAMMON
ting up some sort of standard reward for successful referrals. Much has been written on the topic so I will stop there, but will say that this should be your first step – it is inexpensive, gets the team involved and has a high potential for success. A standard benchmark is that onethird of your hires should be coming from employee referrals.
Advertising David Gammon, president & CEO, 4FMV Inc.
In the February 2013 edition of The Standard we discussed how to develop a proper position description before beginning your search for an Independent Professional (IP). Once you have your description ready, it’s time to cast your net upon the water. There are many ways to reach out to Independent Professionals and your strategy will depend on internal resources, budget, the urgency of your need, and the time you are willing/ able to invest. For simplicity sake, I group the different search methods into three categories: referrals, advertising and staffing agencies.
Referrals The least expensive and often overlooked method is asking for referrals. If you don’t already have a referral program in place then now is a good time to start. If you already have similar talent within your organization then that is the best place to begin. Start with your internal team and then expand your request to suppliers and clients where reasonable. If you plan to fish from that well on a regular basis though I suggest set-
Advertising can include your corporate career site, external job boards and any social media avenues you have available. If your company has a career section on its website you should get the description up right away. On most corporate sites the career page is the second most trafficked after the home page. External job boards are still useful despite their dilution over the last several years. If your HR department already has access to one or more then you should consider getting them to post for you. If you don’t have a HR department with an advertising budget or if you don’t want to involve them (this happens a lot) then consider some of the many niche job boards that have popped up in the last 10 years. Niche job boards can be very useful as they will be much more specific to a skill set and tend to be less expensive. But beware; although some are very strong there are also many that just do not cut it so make sure you do your research.
Staffing agencies Staffing agencies are a very good option for finding IPs especially if you
are in a hurry and the risk of not hiring someone soon is costly. Although it can appear to be expensive, a good agency will save you a lot of time and will likely save you money in the long run. A good agency will help you better qualify what exactly you need and what compensation will be required to attract the right person. Typically they will have a pool of IPs that they are in regular contact with, which will drastically shorten the hiring cycle. Agencies will only charge you for a successful hire. The charge is in the form of a markup on the rate paid to the Independent Professionals. I have seen the markup vary from 15% to 100%. A fair rate is somewhere around the 20% mark. Agencies, by nature, have a depth of experience in screening and interviewing - helping weed out the pretenders and find the perfect fit. The biggest savings may be if your IP turns out to be a dud – this does happen once in a while – in which case the agency will replace that contractor ASAP with no additional cost. This alone can be worth the markup. The cost of a bad hire can be very expensive. If you have to start your search again from scratch and without any help… you may find yourself in trouble.
Summary All three options have their benefits and pitfalls. If possible, using all three is the best way to go, but is time consuming. If you can’t pursue all three options, pick your spots based on time available and budget.
March/April 2013 | 9 | The Canadian Channel Standard
CASE STUDY
SCANNING IDS ON THE INDIAN SUBCONTINENT “Aadhaar” is an ambitious biometric “one platform” ID system introduced by the Indian national government to support more efficient service delivery BY MARY ALLEN
H
ow do you manage access to support services in a manner that is safe, secure and effective for 1.2 billion people across the Indian subcontinent? In a fascinating keynote presentation at February’s RSA Conference 2013 in San Francisco, Srikanth Nadhamuni, CEO of Khosla Labs, explained how. Nadhamuni serves as advisor to the Unique ID Authority of India, and from this vantage point was able to offer keen insight into an ID authentication project, on which he is technical lead, codenamed “Aadhaar” (understood as ‘foundation’ or ‘support’ by all the Indian languages) that is compelling for its breadth, technical sophistication and social benefits. According to Nadhamuni, the Indian national government spends approximately $40 billion a year on subsidies for the poor in food, health and job programs. However, ID documents to manage this are typically lacking: in many cases, they are paper based, and, issued by the village people were born in, they are often overlapping as cards are also issued by several government departments at the national and state levels. To introduce some accountability and more effective management of state programs, India’s national government decided to implement
a “one ID platform” with biometric identification and online authentication. With the new system, he added, India would “leapfrog from no ID to digital ID.” Enrolling individuals in the Aadhaar system is an incredibly laborious process as individuals have to be processed one at a time, and their biometric scan compared against scans existing in a growing database to ensure that each entry is unique.
When the project began, fingerprints were used as unique identifiers, but the project teams ran up against a problem: in rural communities, it was impossible to collect minutia points (fingerprint details that distinguish one person from another) because farmers had worn the ridges away through hard physical labour. So as a second biometric measure, iris scans, were used. In this ambitious undertaking, the national government Continued on page 26
CO
ww March/April 2013 | 10 |
The Canadian Channel Standard
We see IT relationships differently
CONNECTING CANADIAN IT www.itincanada.ca
INSIGHTFUL THOUGHT LEADERSHIP http://itmarketdynamics.itincanada.ca
TECHNOSPECTIVE ON SECURITY
GET SECURITY SMART “Better security practices” is one resolution that should be kept in 2013 as new vulnerabilities emerge from mobile devices, advanced persistent threats and the cloud BY KEVIN PRIDDLE
A
s businesses from SMB to enterprise have welcomed mobile and cloud-based computing in recent years, hackers and cybercriminals have adapted the way they work to exploit vulnerabilities in new technologies that are now becoming mainstream. The BYOD explosion has brought organizations and their employees to a new level of productivity and efficiency that previously was only dreamed of, but smart devices are challenging the “IT norm,” and as Doug Cooke, McAfee Canada’s director of sales engineering pointed out, most businesses can’t keep up with the number of mobile devices entering the organization, let alone focus on closing all of the security gaps that come with them. MDM (Mobile Device Management) will no doubt become a more widely adopted “weapon of choice” in 2013 to battle the increasingly complex problems associated with the proliferation of consumer gadgets, but as the tools workers use on a daily basis change, the security policies that govern them must also transform in order to keep pace. “Any security policy that was inherently developed with the assumption that the physical network is secure simply falls apart and is not effective in the cloud,” Paul Comessotti, Canadian regional director of Check Point Software Technologies, noted. “Administrators need agile security to counter all of yesterday’s, today’s and tomorrow’s threats.” But CTOs and IT managers cannot operate in a silo – they need the entire company on board, according to Matt Goulet, VP of SME sales and operations, Kaspersky Lab North America. “The new trend of BYOD should be countered with the creation of a corporate wide policy for mobile device use in which stakeholders from functional departments across the company—human resources, IT, line of business and legal – are involved,” he said. Educating everyone – from the front line customer service rep or warehouse worker right up to the boardroom executives – about the risks and goals surrounding your organization’s IT security is a MUST. That education will not only help employees use mobile
March/April 2013 | 12 |
devices in a safer way, it will increase their awareness of another security concern that will flourish in 2013 – advanced persistent threats (APTs). Highly sophisticated and precise attacks that gain access to networks and steal information silently are an increasing threat that is beginning to target a diverse range of verticals and business segments. “Security attacks on organizations have become increasingly well-planned and executed,” McAfee’s Doug Cooke said. “Attackers are well-versed in the acts of cyber espionage and data breaching, and are leveraging zero-day and customized malware. Of greater concern is the fact that the proliferation of rootkits continues to escalate.” All IT users need to be aware of the threats posed by social engineering (convincing-looking profiles, websites or emails used by cybercriminals to phish for information) and should be careful about what they share on social media. Check Point’s Paul Comessotti said one of the biggest mistakes companies can make (usually SMBs) is to think that no one is interested in their organization or their information, and that they are therefore safe from attacks. “If this is you, think again!” he said. “By virtue of being in the same geography, industry or another unintended affiliation as an intended target, any organization may be collateral damage.” If you have to make one resolution for 2013, commit to not being passive about security. Too often spending on security is slashed when it comes time to find ways to tighten the budget-belt and build profits. Make sure your organization has the proper tools to properly manage its network and the devices residing on it, and more importantly, make sure you invest the required time into understanding the current threat landscape and educating your staff on proper IT practices. Cybercriminals constantly transform and new threats will always emerge, but if you take the time and effort to prepare your organization, you’ll be glad you made the investment.
The Canadian Channel Standard
TECHNOSPECTIVE ON SECURITY
Hackers continue to target social network sites as distribution hubs for malicious code. Examples of common approaches include inserting enticing status updates in news feeds to induce users to click on links. These links provide an avenue for malware attacks to gain access to protected systems and information. Devices that have access to the enterprise need to be routinely updated with the latest security programs. Enterprises need to understand what is running on their network in order to protect their digital assets.
- Shawn MacCormack, regional sales manager, eastern Canada, Sourcefire
IT management needs be proactive in reaching out to business unit leads to discuss evolving business needs and the risks that various computing mechanisms may introduce. By keeping the discussion focused on business issues and asking a few simple questions, IT professionals can gain a better understanding of what security strategy to take. Questions to business leaders can include the following: • What computing “riches” within the organization need to be protected? • What actions could be taken by malicious intruders that would “ruin” the organization? • What regulations need to be addressed to keep auditors and regulators happy? The more IT management can engage with business leaders, the better the chance they will be involved in the decision-making process.
- Doug Cooke, director of sales engineering, McAfee Canada
Symantec predicts there will be a significant increase in cloud outages in 2013, yet companies will continue to pour resources into cloud offerings. The need to manage and protect data SMBs put in the cloud will lead to more adoption of backup and disaster recovery appliances and cloud service providers will begin to innovate more secure and efficient recovery of data and applications. Companies of all sizes will need to adopt better cloud management tools to protect their data because cloud outage problems will get worse before they get better – infrastructures that have scaled quickly with hand-written code and that utilize inefficient shared resources will result in major outages and some black eyes for the cloud computing market.
Malicious emails are making a comeback. Timed and targeted spear-phishing email attacks, along with an increase in malicious email attachments, are providing new opportunities for cybercrime. Malicious email will make a comeback. Domain generation algorithms will also bypass current security to increase the effectiveness of targeted attacks. 2013 will also see legitimate mobile app stores host more malware. Malicious apps will increasingly slip through validation processes and will continue to pose risks to organizations enabling BYOD policies. In addition, jail-broken/rooted devices and non-sanctioned app stores will pose significant risk to enterprises as more allow BYOD.
- Sean Forkan, vice president and general manager, Symantec Canada
- Fiaaz Walji, country manager, Canada, Websense
Great care must be taken when working with HTML5 components, because if they are not securely coded, they introduce a number of new attack vectors. Large websites coded in HTML5 can often have many of the same traits and capabilities of a small operating system! HTML5’s local storage API capabilities, webSQL, and DOM based XSS features require great care in their implementation, because within this complexity lies the ability for a hacker to craft potential stealth attacks using exploits like cache poisoning, local SQL injection or XSS vulnerabilities.
Mobile malware is growing at exponential rates, so you cannot assume that the “latest and greatest” application you are downloading to your mobile device is secure. While the lion’s share of mobile malware targets are Android-based devices (more than 90%), other operating systems are still at risk. In fact, 2012 saw the first malicious program for iOS in Apple’s App store. How do you protect yourself? Remember to patch! This will minimize your risk exposure as many security updates incorporate your operating system updates, whether it be Windows, Mac, Android or iOS.
- Paul Comessotti, Canadian regional director, Check Point Software Technologies
- Matt Goulet, vice president, SME sales and operations, Kaspersky Lab North America
March/April 2013 | 13 | The Canadian Channel Standard
SMB-READY TECHNOLOGY
SMB-READY: STATE OF SERVERS Cloud, mobility and virtualization are all changing the server landscape BY KEVIN PRIDDLE
T
he SMB community is one of the most integral markets for VARs and channel resellers throughout Canada. It’s a key reason why The Standard launched its new “SMB-ready” technology feature, which offers our readers a monthly compendium of the vendor products that help VARs engage with customers and deliver the businesscritical solutions that enhance long-term reseller/customer relationships. We’re back with the fifth instalment of the feature and this month we’ve gathered six leading vendors including Intel, HP, Dell, Cisco, IBM and Lenovo to showcase their best “SMB-ready” server solutions.
forward,” Isaacs says. “This will also put a renewed focus on networking and security and drive customers to take an architectural approach to the data centre, wherein technology is addressed as a whole rather than in silos.”
Server trends and developments
SMB buyer habits
“Virtualization, cloud and mobility have led to an explosion of data, driving an overall increase in computational power to make the collection and use of large amounts of data easier and more valuable,” says Carolyn Rollins, director of marketing, small business, mid-market and large institutions, Dell Canada. “The proliferation of mobile devices is driving the demand for anywhere, anytime data access, generating and consuming more data than ever before - including higher resolution photos and video,” Rollins says. “This triggers requirements for improved data handling and a continuing demand for greater network bandwidth.” Emily Hutson, part of Intel’s server channel product marketing team, echoes similar changes in the server landscape from the growth of mobile devices. “When it comes to small and mid-sized businesses, trends including BYOD and tablet usage are changing the server landscape,” says Hutson. “It’s key to prioritize spending around enhancing server and network infrastructure in a way that results in increased employee productivity while also improving network security and storage capacity. “ She also says it’s critical for SMB CIOs and IT managers to remember the importance of planning ahead for hardware and software refresh cycles and to virtualize hardware resources for “ultimate cost savings.” Gary Isaacs, VP, SMB, Cisco Canada, also sees virtualization as important development and thinks server solutions will continue to innovate around the trend. “Virtualization trends will pave the way for tiered models, in which SMBs balance on-premise and cloud data centre services to become more flexible and scalable moving
It’s becoming harder for SMBs to find IT experts to run and manage their technology, according to Chris Pratt, executive, strategic initiatives, IBM. He says SMBs want the capabilities that key applications bring without the hassle of managing IT. “If they are not in the IT business they do not want to have to maintain IT experts on staff as it is very expensive to do so,” Pratt says. “Most SMB firms still maintain core applications on premise, but want the speed and ease of use that cloud provides.” Intel’s Emily Hutson also predicts changes in the way SMBs will approach the cloud. “Today only 7% of small businesses are using the public cloud,” says Hutson. “Over the next five years, we expect to see about two times the growth on SMB cloud spending, as well as an overall increase in the BYOD space.” SMB business priorities have remained fairly consistent over the last three years, according to Dell’s Carolyn Rollins, who says SMBs have focused predominantly on managing costs, improving efficiencies, and increasing productivity. She does, however, suggest that these factors will not remain the sole concern of SMBs moving forward… “Studies are beginning to suggest that SMBs are shifting their strategic mindset from cost and efficiency alone, to now include a focus on building stronger customer relationships and driving innovation,” she says. “Increased cloud adoption continued rapid data growth, accelerated application I/O requirements and ongoing security concerns will form part of the changing IT landscape that will impact SMBs in 2013 and beyond.”
HP’s Lisa Wolfe forecasts similar emphasis around server virtualization. “Many SMBs find cloud services to be too risky but are still faced with BYOD employee demands,” says Lisa Wolfe, leader, worldwide small midmarket business, enterprise group, HP. “To secure access to their business applications and data from smart phones or tablet devices, SMBs are turning to client virtualization,”
Continued on page 16 March/April 2013 | 14 |
The Canadian Channel Standard
& s& bs ub e pu ve op tiiv to ut et cu se ec os xe lo e c ex cl
S ESTO
R
ES SUI T
S
o to st ns miin 2 2m
e he t th
Y SWA N E E U
Q
ind beh ly ngs i n t e o me s
Howntowonckwsaaway! ft e le
d l wb A fe
THE
SURPRISING DOWNTOWN OTTAWA HOTEL YOU MIGHT HAVE MISSED.
377 O'CONNOR STREET, OTTAWA, ONTARIO
1-800-465-7275 WWW.VICTORIAPARK.COM
Really,
ReallyBig Hotel Suites.
The moment.You know it. It happens any time you stay at a new hotel, right after you swipe your room key. The moment before you open the door. Will the room be big, or small? Light, or dark? Nice, or not?
and feature real bedrooms, real kitchens and real living rooms. And they don’t cost any more than those of our competitors. Really, why would you stay any place else?
Here’s what you’ll find the moment you open your door at Albert at Bay—space, and lots of it. Our suites are the biggest in Ottawa
DOWNTOWN OTTAWA
435 ALBERT STREET
613.238.8858
RESERVATIONS 800.267.6644 ALBERTATBAY.COM
SMB-READY TECHNOLOGY Continued from page 14 Vendor description: The Intel Xeon Processor E3 family is designed with innovative features that adapt server performance to the needs of small business. For resellers, Intel also offers a family of server boards and systems that are designed to be compatible with the Intel Xeon Processor E3 family. In comparison to a desktop computer, a server based on the Intel Xeon Processor E3 family is engineered and validated to operate 24/7 and offers enterprise-class features, including support for ECC memory, hot-swappable hard drives and redundant storage. In addition, Intel Xeon Processor E3 family-based servers offer the performance that SMBs need for applications like web and email hosting and centralized database at an affordable price point. Reseller sources: The products are available from Intel Authorized Distributors, which in Canada includes: ASI, Ingram Micro, Supercom, Synnex and Tech Data.
SMB-READY TECHNOLOGY: SERVERS
Spec highlights: Intel Xeon Processor E3 family: Up to 42% performance improvement over previousgeneration Intel Xeon processor-based servers on database applications; enhanced performance and energy-efficiency with industry-leading Intel silicon technology (32nm Hi-k process technology), large on-die cache (up to 8 MB L3) and reduced transistor gate leakage; better data integrity and system reliability through automatic data correction ( detects and corrects up to 99.988% of all memory errors); better support for high-speed solid state drives (SSDs) due to faster HDD cache transfers; low-power 20W and 45W processor SKUs available The Intel Xeon for small form factor or energy-constrained platform designs; Intel Turbo Boost Technology 2.0 Processor E3 family accelerates processor or graphics performance for peak loads; offers quicker transitions to and from processor sleep states for improved energy efficiency; tested and validated on server operating systems; additional 4 PCI Express 2.0 ports (versus desktop); Intel Rapid Storage Technology accelerates system performance by striping data across hard drives and a new e-mail alerting capability enables rapid service response; thread-level parallelism uses processing resources more efficiently and benefits most multi-threaded and concurrently running applications; Intel Trusted Execution Technology prevents malware insertion during system boot and helps to ensure the system launches into a “known good state”; comprehensive hardware assists for I/O-device virtualization; near-native I/O performance with improved security and reliability; Intel Advanced Vector Extensions offer up to 46% performance boost on floating-point intensive workloads; Intel Advanced Encryption Standards-New Instructions accelerates data encryption/decryption by up to 58% versus previousgeneration servers. Vendor description: ThinkServer TS430 single processor tower server combines the latest generation Intel Xeon E3-1200 v2 performance and powerful manageability tools to deliver a scalable and highly reliable server solution for small businesses. This feature-rich server is an ideal fit for demanding retail deployments, back office apps, file collaboration and/or running LOB applications. ThinkServer RD430 rack server delivers world-class power efficiency, proven Xeon E5-2400 performance and an extensive set of standard features. It’s ideal where there’s a requirement for a powerful, highly scalable 2U rack server for companies on a budget. In addition, the RD430 includes Think reliability, built-in redundancy, vault-safe data protection and lightningfast data performance. In addition to exceptional hardware that is well matched to demanding environments, Lenovo offers Services for Small Business. Our comprehensive portfolio of award-winning services offers flexible options to support the specific needs of the small and medium business. Lenovo can support all stages of business – from financing to disposal – to keep your data safe and your business productive. Lenovo also offers ThinkServer tools. ThinkServer EasyStartup assists with server installation and configuration. ThinkServer EasyUpdate keeps the system firmware current to avoid unnecessary outages. ThinkServer EasyManage provides essential hardware management capabilities. ThinkServer Smart Grid Power Management delivers policy-based power management controls and sophisticated monitoring. Reseller sources: Lenovo Canada’s SMB server products can be sourced from Hartco, Ingram Micro, Tech Data, Supercom and Synnex. Spec highlights: ThinkServer TS430 Single Processor Tower Server: fast performance with latest Intel Xeon E3-1200 v2 processors; scalability with new 3TB SATA and 900Gb SAS choices; improved RAID protection with new ThinkServer RAID 700 adapter and battery backup; greater I/O choices with new quad port Ethernet adapter; new component choices like Parallel Ports, High Speed USB 3.0 and serial ports; expanded operating system support with Microsoft Multipoint Server. ThinkServer RD430 Rack Server: Intel Xeon E5-2400 series; highly scalable with up to 16 hard drives support; up to 36TB internal SATA storage or 7.2TB internal SAS storage; standard premium features: onboard diagnostics, EasyManage toolsuite, and web-enabled remote management; Lenovo ThinkServer TS430 open standards and protocols for easy integration into existing network; power efficiency with single processor tower server available Smart Grid Power Management technology.
March/April 2013 | 16 |
The Canadian Channel Standard
SMB-READY TECHNOLOGY Vendor description: To address the growing requirements of small and mid-size businesses, HP offers two HP ProLiant Gen8 rack servers and a blade server with the Intel Xeon processor E5-2400 product family. HP ProLiant DL360e Gen8 is a rack-optimized one-rack-unit (1U) server that’s quality design meets the needs of SMBs with enterprise-class manageability, serviceability and energy efficiency features. HP ProLiant DL380p Gen8 is a cost effective, all-inclusive, rack-optimized server that is utilized for SMB client virtualization reference architectures and is engineered to extend the life of a data centre with reliability, accessibility and serviceability. HP ProLiant BL420c Gen8 is a blade server that spans everything from single application support to small deployments to essential enterprise workloads, making it ideal for mid-market and cost-sensitive enterprise customers. Reseller sources: The HP ProLiant Gen8 platforms are available through HP and worldwide channel partners, including CDW and Nth Generation.
SMB-READY TECHNOLOGY: SERVERS
Spec highlights: HP ProLiant DL360e Gen8: Processor: 2 or 1 Intel Xeon E5-2400 product family processors available in 8, 6, or 4 cores; Memory: 384GB max, 12 DIMM slots, DDR3 RDIMM, LRDIMM, or UDIMM depending on model; Network Controller: 1Gb 366i Ethernet HP ProLiant DL360e Gen8 rack server Adapter 4 Ports per controller; 2 max expansion slots; Maximum drive bays: (8) SFF SAS/SATA/SSD or (4) LFF SAS/SATA/SSD Hot plug depending on model; Storage Controller: Dynamic Smart Array B320i or Dynamic Smart Array B120i or Smart Array P420 depending on model; Deployment: 1U, iLO Management Engine, Insight Control. HP ProLiant DL380p Gen8: Processor: 1 Intel Xeon E5-2609 (4 core, 2.40 GHz, 10MB, 80W); Memory: 768GB max, 24 DIMM slots, PC3L-10600R-9 (Low voltage DIMM); Network controller: 1Gb 331FLR Ethernet Adapter 4 Ports; 6 expansion slots; Maximum drive bays: (16) SFF SAS/SATA with optional second drive cage; Supported drives: Hot plug SFF 2.5-inch SAS; Hot plug SFF 2.5-inch SATA; Hot plug LFF 3.5-inch SAS; Hot plug LFF 3.5-inch SATA; Hot plug SFF 2.5-inch SSD; Storage controller: Smart Array P420i/ZM; Deployment: Rack (2U), iLO Management Engine, Insight Control (optional). HP ProLiant BL420c Gen8: Processor: 2 or 1 Intel Xeon E5-2400 product family processors available in 8, 6, or 4 cores; Memory: 384GB max, 12 DIMM slots, DDR3 LRDIMMs, RDIMMs, LVDIMMs, and UDIMMs; Network Controller: (1) 10Gb 554FLB FlexFabric Adapter 2 Ports, (1) 1Gb 361FLB Ethernet Adapter 2 Ports; two (2) PCIe 3.0 (1x81x16) maximum expansion slots; Maximum drive bays: (2) SFF SAS/SATA/SSD hot plug; Supported drives: Hot plug 2.5-inch SAS, Hot plug 2.5-inch SATA, Hot plug SFF 2.5-inch SSD; Storage Controller: (1) HP Dynamic Smart Array B320i, (1) Smart Array P220i/512MB FBWC; Deployment: 8 (c3000), 16 (c7000), iLO Management Engine, Insight Control.
Vendor description: Cisco is committed to the SMB market. We believe in providing architecture-based, purpose-built, low-cost and easy-to-deploy solutions designed for the SMB IT environment, such as our Cisco UCS C22/C24 M3 and C220/C240 M3 rack servers. It’s equally important to note that designing server products should not be an isolated project. An architectural approach is required when planning these solutions because the network and Internet that surround these servers are equally important as the servers themselves. Isolated deployments can lead to isolated capabilities. The UCS C22/C24 and C220/C240 products offer a cost-effective, easy to install, easy-tomanage server base for the SMB market space. Unified Fabric provides consistent traffic patterns, with guaranteed CoS/QoS, and security port profiles reduce overall network management points and leverages the network to offload all networking functions back onto the network. This frees up CPU cycles on the server to do what the server was intended to do - run more applications. Reseller sources: Resellers can source the UCS C22/C24 and C220/C240 M3 Rack Servers through Cisco’s distribution partners Ingram Micro, Tech Data, Avnet, Comstor, Visitec, Hartco and D&H. Spec highlights: Cisco UCS C22/C24 and C220/C240 M3 Rack Servers: 10-Gbps unified network fabric; virtualization optimization; unified management; Intel Xeon processors (E5-2600 and E5-2400 product families); high-capacity, flexible internal storage; RAID 0, 1, 5, 6, 10, 50 and 60 support; Cisco UCS C-Series Integrated Management; 5PCIe “Generation” 3.0 slots; integrated quad-port Gigabit Ethernet; trusted Platform Module (TPM); Cisco Flexible Flash (FlexFlash).
March/April 2013 | 17 | The Canadian Channel Standard
Cisco UCS C24 M3 rack server
SMB-READY TECHNOLOGY Continued from page 17 Vendor description: Dell 12G servers offer increased performance – and greater memory and storage capacity – to help run applications faster than previous generations of servers. The PowerEdge R620 two-socket, 1U rack server provides a great combination of high performance and enterprise features in a small form factor. Its high-density design makes it attractive to SMB customers who are implementing virtualization or looking for application performance but are sensitive to data centre space considerations. The R620 delivers balanced performance, memory, and I/O in a 1U form factor. High reliability and leading performance coupled with easy lifecycle manageability and innovative server management tools make this a server of choice for SMB customers. Reseller sources: Resellers enrolled in the Dell PartnerDirect channel program can source Dell Server solutions from their Dell Commercial Channel sales team.
SMB-READY TECHNOLOGY: SERVERS
Spec highlights: Dell PowerEdge R620: Form factor: 1U rack; Processors: Intel Xeon processor E52600 product family (Processor sockets 2); Memory: up to 768GB, 24 DIMM slots, 2GB/ 4GB /8GB /16GB /32GB DDR3 up to 1600MT/s; I/O slots; 2 PCIe slots or 3 PCIe slots configuration options -10-drive-bay configuration is available only with the 3 PCIe slot option; Drive bays: up to ten 2.5” hot-plug SAS, SATA, or SSD or up to four Dell PowerEdge R620 rack server hot-plug 2.5” SAS, SATA, or SSD + two PCIe SSD; Hard drives: hot-plug hard drive options - 2.5” PCIe SSD, SAS SSD, SATA SSD, SAS (15K, 10K), nearline SAS (7.2K), SATA (7.2K), self-encrypting drives available; RAID controller: internal controllers - PERC S110 (SW RAID) PERC H310, H710, H710P, external HBAs (RAID) - PERC H810, external HBAs (non-RAID) - 6Gbps SAS HBA; Embedded NIC: multiple Intel and Broadcom configuration options are available; Power supply: auto-ranging Titanium efficiency, hot-plug redundant 750W AC power supply or auto-ranging Platinum efficiency, hot-plug redundant 495W, 750W or 1100W AC power supply or 1100W DC power supply; Remote management: iDRAC7 with Lifecycle Controller, iDRAC7 Express (default), iDRAC7 Enterprise (upgrade option), 8GB vFlash media (upgrade option), 16GB vFlash media (upgrade option); Systems management: IPMI 2.0 compliant, Dell OpenManage Essentials and Dell Management Console, Dell OpenManage Power Center, OpenManage Integration Suite for Microsoft System Center, Dell plug-in for VMware vCenter, HP Operations Manager, IBM Tivoli Netcool, and CA Network and Systems Management. Vendor description: PureFlex, part of the PureSystem family of products, is well suited to the SMB market. PureFlex System is a fully integrated system with unified management of compute, storage, networking and virtualization resources that utilize built-in patterns of expertise based on IBM’s decades of experience and thousands of client deployments. The PureFlex System includes compute, storage, systems management, and networking components. These components are pre-configured, pre-integrated to make up three editions of the PureFlex System offerings to meet your IT infrastructure needs: Express, Standard, and Enterprise. PureFlex is integrated so SMB customers can purchase pre-integrated products and have the compute, storage and networking systems software needed to run all their business applications. Management of the systems can be automated so the IT department can focus on high value work for the business. Reseller sources: Through distributors including Tech Data, Ingram Micro, Arrow, and Avnet, as well as through direct response channel partners like CDW and Softchoice. Spec highlights: IBM PureFlex System Express: IBM Flex System Compute Nodes offer a broad selection of POWER-processor and Intel-processor compute nodes; IBM PureFlex System 42U rack and IBM Flex System Enterprise chassis; 1 integrated 10 Gb networking switch; 1 integrated 8 or 16 Gb fibre channel switch; IBM Flex System Manager with one year of service and support; Power supplies (std/max) 2/6; 80 mm fans (std/max) 4/8; 2 chassis management modules; Integrated IBM Flex System V7000 Storage Node (redundant controller); IBM Flex System V7000 Storage Node Software: base with one-year software maintenance agreement; IBM PureFlex System Services: 9x5 hardware warranty with one microcode analysis services annually. IBM PureFlex System Standard: IBM Flex System Compute Nodes offer a broad selection of POWERprocessor and Intel-processor compute nodes; IBM PureFlex System 42U rack and IBM Flex System Enterprise chassis; 1 integrated 10 Gb networking switch; 2 integrated 8 or 16 Gb fibre channel switch; IBM Flex System Manager including advanced option with three-year service and support; power supplies (std/max) 4/6; 80 mm fans (std/max) 6/8; 2 chassis management modules; Integrated IBM Flex System V7000 Storage Node (redundant controller); IBM Flex System V7000 Storage Node Software: base with three-year software maintenance agreement; IBM PureFlex System Services: 24x7 technical support with one microcode analysis annually, and 9x5 account advocate services.
March/April 2013 | 18 |
IBM PureFlex 42U system
The Canadian Channel Standard
4FMV_PR
01001001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110010 01100101 01100001 01100100 00100000 01110100 01101000 01101001 01110011 00101100 00100000 01101111 01110101 01110010 00100000 01100011 01101100 01101001 01100101 01101110 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110011 01100101 01100001 01110010 01100011 01101000 01101001 01101110 01100111 00100000 01100110 01101111 01110010 00100000 01111001 01101111 01110101 00101110 If you can’t read this, we’ll connect you to the people who can.
4fmv.ca
The right candidates. The right opportunities.
4FMV_PRINT.indd 1
12-09-14 12:44 PM
GLOBAL VIEWS
SINGLE-SIGN-ON SOLUTIONS FOR THE CLOUD With new single-sign-on solutions, vendors have created secure gateways for a mixed environment of cloud and on-premises applications BY ELLEN MURASKIN
B
ack in the days of brick-and-mortar workplaces, client access to server-based applications took place over the LAN. With Active Directory or LDAP, an IT administrator could configure customized access rights for each employee, and with that, let them run all the applications to which they were entitled with one Windows signon and password at boot up. It wasn’t quite so hard, back then, to make sure that the person signing on was who he or she claimed to be. After all, they would have to swipe their badges or wave to the receptionist at the door, and if Jane Doe was sitting at John Smith’s PC, someone was likely to notice. Then came the cloud, and the securable perimeter went away. With workers running SaaS applications in spare bedrooms and coffee bars, on devices the company might not even own or control, IT admins came to realize that an authentication gateway inside the firewall could be literally out of the loop. Enter single-sign-on-as-a-service vendors, which move that gatepost into the cloud as well, providing a portal and a sentry point to a mixed environment of cloud and on-premises applications, and saving users from having to remember many different passwords in the process. A user ID and password is often insufficient to prove identity in the worldwide workplace. Some single-sign-on (SSO) vendors, including Okta Inc. in San Francisco and Scorpion Software Corp. in Chilliwack, British Columbia, use multifactor authentication to grant access, combining a password—or replacing it—with a one-time use code that’s sent to a smartphone app at the time of access request. Eric Berg, Okta’s vice president of product sales, admits that the major SaaS vendors, including Microsoft and Google, have offered their own APIs and toolkits to use when integrating, say, Office 365 or Google Apps with an on-premises Active Directory server. But if you have four or five SaaS providers, you have to do this separately for each in four or five parallel integrations, with perhaps different protocols and no all-inclusive way to set policies. Besides, your SaaS applications now rely on the availability of your on-premises Active Directory server—not a bulletproof business continuity plan.
March/April 2013 | 20 |
MULTIFACTOR AUTHENTICATION Okta and other SSO providers, in contrast, aggregate all those SaaS integrations on their back end, so granular, configurable access to these applications can be performed from one admin dashboard. Keeping those integrations current with all the other vendors becomes their concern, not yours. Administrators can control the level of authentication required (two-factor or simple password, for example) by application, and restrict access by IP address or time of day. Okta’s own Active Directory integration can propagate AD policies through on-premises and cloud servers. The service comes with a catalogue of integrations to common SaaS applications. At this point, Okta’s channel model is purely based on referral and revenue share; the company charges from $5 to $10 per month per user license, based on the number of SaaS applications protected. Berg says that MSP implementations should follow over time, with resellers administering one central console for multiple-tenant customers. At Scorpion Software, resellers must purchase, install, and use the company’s AuthAnvil SSO server on their own networks first. CEO Dana Epp notes that resellers, more than anyone, “understand the value of having one login. They log into the networks of 100 different customers across the Internet.” A typical user, Epp says, is an MSP whose customers are retail or restaurant chains: PCI compliance against the threat of credit card hacking calls for strong, two-factor authentication and detailed logs of who accessed what data and when. Resellers generally work the subscription fee of AuthAnvil into a larger managed service offering. “They might use two-factor authentication and single sign-on to lock down a virtual desktop solution,” for example, says Epp. “This lets their customers use their iPads to log into sensitive data with Citrix. They’ll sell them a Citrix solution, and because AuthAnvil supports Radius [a server for remote user authentication], you can use that to protect Citrix. That same [secured identity] token can be used to sign in to their data at work and to Google Apps.” This feature is published with the permission of our U.S. partner, ChannelPro SMB (http://www.channelprosmb.com). All rights reserved. The Canadian Channel Standard
GLOBAL VIEWS
THE ‘POST PC’ THREAT LANDSCAPE —WHAT YOU NEED TO KNOW Cybercrime is becomes mainstream as attackers put more focus on targeting Android OS, social media platforms, and Mac OS X BY COLLEEN FRYE
T
he cyber-threat landscape officially moved to the “post PC” era in 2012, according to the latest reports from security provider Trend Micro Inc., with cybercriminals targeting the Android OS, social media platforms, and the Mac OS X with new attacks. Trend Micro also says attackers have adopted more professional software development practices, and 2012 was the year of Advanced Persistent Threats (APTs). The growing mobile threat is clear. Trend Micro detected 350,000 malware threats targeting the Android in 2012, up from 1,000 at the start of the year. Moreover, it only took three years to reach this volume of threats against the Android vs. 14 years for the PC. Trend Micros is projecting that the number of Android threats will rise to 1 million in 2013. The reports, 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World and 2012 Mobile Threat and Security Roundup: Repeating History also found that more than 70% of all Android malware belongs to a few malware families, most of which were either premium service abusers, which subscribe users to various “services” that add to their bills, or high-risk apps that violate user privacy by acquiring sensitive data without asking for explicit consent. Channel pros take note: Only 20% of Android device owners use a security app, according to the report. A contrast that Trend Micro’s CTO, Raimund Genes, points out is the difference in attackers’ intent. “In the PC world when we first saw malware it was not about making money, it was just making fun—to highlight security risks, to make fun of Microsoft.” That changed around 2004, he says, but from the very first day of threats against the Android, in 2010, “it was already about making money. It only took three years for cybercrime to become mainstream.” In the mobile threat report, Trend Micro also makes some predictions about the future of Android malware, as the popularity of the platform continues to grow: new delivery
methods that exploit the ability to sync social networking accounts, combined mobile-desktop threats, more variety of devices in the workplace leading to more threats, more sophisticated threats, and new targets, such as malware that focuses on new payment methods like near-field communications (NFC) to steal financial information. Also in the report, Trend Micro cites that Java supplanted pure Windows-based threats in 2012, leading to the first widespread attack against the Mac, among other things. And social media platforms are under greater attack, with “users putting themselves at risk by oversharing on them, and their legitimate services being co-opted to support cybercriminal activities,” according to the company. With a fast-changing IT landscape and the BYOD trend, companies need to rethink their security investment and infrastructure, Genes says. “They need to catch up from a security point of view. Users have more devices, there are more platforms, they are very dynamic, and [users] are willing to share content of their private lives and they see those devices as private even if they handle business.” “Companies, no matter the size, have to accept that a certain amount of their computers will be compromised,” Genes continues. “The task for the security guy is to detect a compromised system.” In the past, he adds, the security defense was to try to keep everybody out. Now, he says, with mobile devices and a young workforce the environment is very dynamic, “so you have to control the flow of data and recognize when something strange is happening.” SMBs in particular, notes Genes, will find it difficult to scale and run a sophisticated security system, and he recommends looking to a reliable partner with a SaaS solution. This feature is published with the permission of our U.S. partner, ChannelPro SMB (http://www.channelprosmb.com). All rights reserved.
March/April 2013 | 21 | The Canadian Channel Standard
GLOBAL NEWS
NEW ITEMS FROM CHANNELPRO SMB Ingram Micro to distribute GLOBO mobile management solutions Mobility management innovator GLOBO has signed a distribution agreement with IT distributor Ingram Micro Inc. Under the terms of the agreement, the Ingram Micro Mobility division will provide GLOBO’s mobility for SMBs to authorized dealers and partners in North America. Ingram Micro Mobility will act as a distributor for GLOBO’s new product, GO!Enterprise—Enterprise Mobility in a Box (GO!Enterprise BOX). “We’re committed to offering products to our reseller customers that provide them with ever-expanding opportunities for success in a competitive marketplace,” says Ingram Micro Mobility president Bashar Nejdawi, “and GLOBO’s portfolio of mobile solutions is an excellent addition to our mobile offering.” GO!Enterprise BOX provides SMBs with up to 150 devices to securely run and manage their BYOD mobile workforce through the GLOBO cloud infrastructure. “Everything required for Enterprise Mobility Management is provided literally ‘out of the box’ and is hosted in the cloud,” states an Ingram Micro press release. The solution includes hosted Microsoft Exchange accounts, cloud hosting, and file storage as well as GO!Enterprise office productivity and collaboration apps, an integrated development studio for creating customized apps, and an Enterprise Mobility
Management console to manage and protect corporate assets. GO!Enterprise BOX is designed to be a plug-and-play solution that requires zero IT resources or specialized technical knowledge. Available on a pay-as-you-go annual licensing model, GLOBO aims to minimize upfront costs. “Enterprise mobility is a strategic initiative for organizations of all sizes,” says GLOBO CEO Costis Papadimitrakopoulos, “and our product strategy is designed to deliver to the widest range of customers exactly what they require.”
Sepaton’s latest data protection platform offers ‘Encryption of Data at Rest’ Marlboro, Massachusetts-based backup and recovery solutions provider Sepaton Inc. has made available its S2100-ES3 series 2925 backup appliance with version 7.0 software. The data protection platform features new processing nodes and enhanced multiprotocol network connectivity options to nearly double data ingest performance to up to 80 TB/hour compared to predecessor models. Improved high-performance compression cards are designed to deliver both compression and encryption of data at rest in a unified pipeline without slowing performance. “This product is specifically designed to address the challenges facing today’s SMB and government data centres,” says Sepaton CEO Mike Thompson. “This includes explosive data growth, budget constraints, costly data centre complexity, and increasing risk.” The new Sepaton product is designed to deliver the performance needed to meet stringent backup windows with flexibility to adapt
March/April 2013 | 22 |
to changes in IT infrastructures and security encryption of data at rest. Many SMBs and government agencies have deployed separate encryption for different types or sources of data. For some, this creates an increasingly complex and costly multi-vendor key management environment. Sepaton is looking to simplify this arrangement with its new “encryption of data at rest” capability, which integrates industry standard interoperability protocols for encryption key managers (EKM) to simplify encryption key management and reduce operational costs. The new Sepaton product integrates with EKMs that are compliant with industry-standard Organization for the Advancement of Structured Information Standards (OASIS) Key Management Interoperability Protocol (KMIP), enabling SMBs and government agencies to take advantage of interoperability across encryption and key management systems. Seaton’s S2100-ES3 series 2925 backup appliance with version 7.0 software features HP ProLiant DL380p Gen 8-based processing nodes, Intel Xeon E5-2690, 8-core dual-CPU 2.90GHz, and 128-GB RAM DDR3 memory. With advanced encryption, deduplication, and replication features, it is built for large data volumes. Enhanced connectivity options, including four 8GB fibre channel connections, two 8GB fibre channel connections to storage, two 10GB Ethernet, and four 1GB Ethernet connections provide faster ingest performance and multiprotocol support.
The Canadian Channel Standard
GLOBAL NEWS Sepaton S2100-ES3 with version 7.0 software is immediately available. List pricing for the S2100-ES3 Series 2925 starts at $355,000 (USD).
Healthcare vertical gets a mobile tablet option Health monitoring connectivity solutions provider ConnectedHealth is looking to provide the healthcare vertical with mobile solution for today’s medical needs. Its Nursing Manager Application (NMA), paired with its Secure Medical Tablet provides an automated method for collecting medical information from patients. The ConnectedHealth NMA automates the capture of data from medical such devices as glucose meters, weighing scales, blood pressure monitors, and pulse oximeters via Bluetooth technology. In a typical deployment example, ConnectedHealth’s NMA would be used in a nursing centre or nursing home that has one nurse taking measurements for multiple patients. Running on ConnectedHealth’s Android Medical Tablet, the NMA provides a robust and secure platform to ensure patient security and privacy. The system supports advanced biometrics and a secure boot environment, providing a mechanism for clinicians to safely and securely capture and store critical patient information. The NMA supports Continua-compliant devices as well as proprietary devices. According to ConnectedHealth CEO Mike Holt, the eHealth platform “improves patient outcomes and reduces health care costs.” He adds, “With our new secure tablet-based nursing manager application, nurses can ensure patient measurements are automatically and securely transferred to hospital health care systems for access by care givers.” Using the Nursing Manager Application, clinicians/nurses can: • Automatically capture data from medical devices and transfer the data to the ConnectedHealth eHealth Platform. • Review historical data utilizing a standalone ConnectedHealth
Dashboard application. • Register patient details and capture a patient image and biometric data. • Validate nurse/clinician access using two-factor authentication (finger print and NFC card). • Utilize finger print recognition to validate patient identity prior to capturing data. ConnectedHealth’s NMA and Secure Medical Tablet are available now. Pricing for the Secure Medical Tablet with NMA begins at $500, with a monthly software subscription fee.
SolarWinds announces a server and application monitor update IT management software developer SolarWinds has announced the forthcoming release of its Server & Application Monitor (SAM), which is at the heart of the company’s full suite of systems and application management products. Designed to deliver agentless performance and availability monitoring, alerting, and reporting for over 150 applications and server types, the latest version of SolarWinds SAM will now enable server and application management directly from the product’s Web console. Remediation capabilities include starting and stopping services, killing rogue processes, and rebooting services, among others. Other new and updated features in SolarWinds SAM include: • Server hardware health monitoring support for popular blade chassis (including HP C7000, HP C3000 and Dell M1000e). • Native Windows Volume Mount Point monitoring. • Storage volume performance metrics used in finding server issues caused by latency, queued disk I/O, and high IOPS. • Windows Server network performance monitoring for bandwidth usage and errors. • Extended integration with System Center 2012 through updated SolarWinds Management
Pack for System Center Operations Manager. • Improved MSP support to include new remote pollers, providing increased deployment flexibility to support distributed environments and MSP-style architectures. SolarWinds SAM is one of nine key products in the SolarWinds systems and application management product portfolio. Together, these products are designed to address the troubleshooting, patch management, and performance monitoring needs of channel pros and SMBs. In 2012, SolarWinds expanded its systems and application management portfolio by adding SolarWinds Web Help Desk and SolarWinds Serv-U
Managed File Transfer Server. It also released new versions of SolarWinds Web Performance Monitor, SolarWinds Virtualization Manager, SolarWinds Patch Manager, SolarWinds Log & Event Manager, SolarWinds Storage Manager, and DameWare Remote Support. “As new IT challenges, budget, and staffing limitations place an increasingly high demand on IT professionals to meet business objectives while doing more with less,” says Denny LeCompte, SolarWinds’ senior vice president of product strategy, “we have enhanced our systems and applications solutions, offering an affordable alternative or complementary solution for existing structures. SolarWinds Server & Application Monitor starts at $2,995 and includes a year of maintenance. This feature is published with the permission of our U.S. partner, ChannelPro SMB (http://www.channelprosmb.com). All rights reserved.
March/April 2013 | 23 | The Canadian Channel Standard
ON LOCATION
KASPERSKY LAB 6TH ANNUAL NORTH AMERICAN PARTNER CONFERENCE Kaspersky Lab bolsters channel marketing initiatives for 2013 BY KEVIN PRIDDLE
In addition to the sweet aromas of tropical flowers and the Caribbean Sea, there was a distinct scent of vim and vigour in the air at the recent Kaspersky Lab North American Partner conference held February 7 – 10 in Cancun, Mexico. The excitement stems from the January 30 launch of the company’s new flagship corporate security platform Kaspersky Endpoint Security for Business (KESB) – one of the biggest product launches in the company’s history – and a refreshed channel marketing strategy announced in Cancun. “We’ve taken a big step forward in terms of the breadth of the portfolio and types of solutions that our partners can now bring to their customers,” Chris Doggett, SVP of corporate marketing told The Standard in an interview. “We’ve restructured and reoriented what we’re doing in Canada [and across North America] and we’re very focused on a partner-led strategy. We’re prepared to step up and give the channel a lot of support, commitment and resources.”
Reconstruction and reorientation As part of its reconstruction strategy to support the KESB launch, Kaspersky has redrawn the map of its North American sales territories and created five new regions, each with its own uniform sales team and marketing approach. “In the past we had a lot of overlap and it was really March/April 2013 | 24 |
confusing because [the sales territories] had grown up organically,” Doggett says. “So we went through this process of normalizing and really made them uniform so [channel partners] know exactly who their sales team is.” In addition to redefining the map, Doggett says The Canadian Channel Standard
ON LOCATION
Kaspersky has made significant investments in the number of sales and support staff who work with channel partners. “We’ve been expanding our channel team to meet and deliver on the growth that we’ve been seeing with our partners,” he says. “We’ve added a number of people to the inside channel management team, specifically our ICAM team, because they’re in a position to handle a high volume of requests and provide a lot of support to our partners.” The company has also created a new SLED (state and local government and education) team to focus on expanding opportunities for partners in the public sector and has reinforced its VAR and LAR teams with new talent.
Partner-led By shifting more resources towards inside sales, Kaspersky will move forward in 2013 with a renewed focus on partner-led go-to-market sales plans. “In Canada we’ve had tremendous success with some key partners in terms a partner-led strategy,” Doggett says. “What we’ve found is that our Canadian customers typically have a really close relationship with and a lot of trust in the solution providers they work with. “Customers are going to be much more apt to go and to make decisions based on the recommendations they get from our partners in the region than they are from somebody knocking on their door or calling from our company,” he says. “That partner-led approach has been really successful for us.”
New marketing resources At the partner conference, Gary Mullen, Kaspersky’s VP of corporate marketing in North America, outlined a 52week marketing campaign to back the new flagship KESB solution, which includes videos, e-books, whitepapers, online and offline creative ads, email marketing, web banners, and other demand generation assets. “We expect the partner to actively sell Kaspersky to their prospects and bring business in, but we also fully understand that the way to grow our business is for us to do our own campaigning because we can do it at a much larger scale than most of our partners can,” says Mullen. “Where we think we can really grow our business and have an impact is in the mid-market space, so that’s where we’re going to target a lot of our demand-gen assets.” Jon Whitlock, director of channel marketing for North America, says Kaspersky will really focus on creating co-brandable marketing collateral that goes beyond just inserting a partner’s logo into the material. “We’re taking those marketing assets and making those available in different formats for our partners,” Whitlock says. “There are a couple different options for [partners] to create material with much more of their own
Chris Doggett, SVP of corporate marketing, Kaspersky Lab North America
look and feel and messaging.” As part of Kaspersky’s 2013 focus on digital marketing, Mullen and Whitlock say they are also running a pilot project with a marketing automation system called Zift123. The platform enables channel partners to automate email blasts, newsletters, AdWords, event invites and other online marketing campaigns in an easy-to-use and customizable format. “My goal is to get through the pilot project this quarter so that we can begin to look at opening it up [to all partners],” Whitlock says.
March/April 2013 | 25 | The Canadian Channel Standard
Continued on page 26
ON LOCATION In addition to new marketing assets Kaspersky has also introduced a new MSP partner program, launched a new partner portal, launched a new SPIFF platform, and introduced deal protection, margin retention and pricing controls.
2013: a year for growth
Gary Mullen, Kaspersky’s VP of corporate marketing, Kaspersky Lab North America
Kaspersky has an aggressive target to grow over 25% to 30% in the next 12 months, according to Doggett. “I think we’ve got everything lined up right now to do that,” he says. “We’ve got the right partners, the right products, the right velocity, the right investments, and the right people. It’s all about executing for us now, it’s about putting in the time and executing on this plan.” “We’re very focused on partner growth, so if we’re a fit for you, you should definitely talk to us and if you’re already working with us then you should be talking to your channel manager about what more we can be doing in 2013.”
CASE STUDY Continued from page 10
enlisted partners—state agencies that in many cases found their own partners, as well as certifiers and device vendors. As Nadhamuni explained, a whole industry was created around the enrolment process. For backend management, the Aadhaar team developed an open system platform, based on SQL and Mongo databases that also make use of Hadoop, a Linux operating environment, Java programming and commodity blade servers. Biometric matching, which is a huge challenge given enrolment numbers, is accomplished in a data centre facility that is less than 5,000 square feet. To provide a sense of the magnitude of the project, Nadhamuni noted that “350 million people have been enrolled, 1 million are enrolled every day, and there are 14,000 enrolment stations across the country.” For each new enrolment, the entry has to be matched against the existing 350 (and growing) million records. Security and privacy of the Aadhaar system was ensured through a number of strategies and policies. Entries were assigned a random number and no other identifier, data was encrypted at source by the enrolment client, all data packets were biometrically
signed by the device operator, no raw data was stored and data decrypted only when needed, and data was partitioned across what Nadhamuni called “multiple security zones.” In terms of authentication, the system provided for a “Yes/No” response only, ASA (Authentication Service Agency) and AUA (Authentication User Agency) protocols were used at the network perimeter, and the system was designed to support a federated authentication model. Currently, Aadhaar has an RFP out for a GRC provider. For Nadhamuni, the ID technology has a human anti-poverty goal. It is a means of using technology to draw people out of poverty - of crossing the “digital divide.” As an example, he noted that the system was built on a federated model to allow multiple applications, such as the inclusion of the financial industry. Private companies can build on top of the ID platform, he explained, layering on an ATM card ID to eventually introduce new levels of convenience for users. He described the plight of the fictional character “Ram” who currently may have to walk 30 kilometres to reach the offices of the National Rural Employment Guarantee Scheme to
March/April 2013 | 26 |
Srikanth Nadhamuni, CEO of Khosla Labs
face line-ups so long that the office closes before he’s able to collect his salary—and has to walk home to deal with a usurious village money lender! With an automated ID and a mobile phone or micro ATM in the village, Ram could be authenticated remotely and the transaction carried out digitally, and money paid out—without the 30 km exercise.
The Canadian Channel Standard
http://channelstandard.itincanada.ca/
ARE YOU MISSING OUT? Please supply us the following information to allow us to provide another year of Free Subscriptions to The Channel Standard.
SUBSCRIBE
NOW!
Fax: 905-727-4428 Mail: 24-4 Vata Court, Aurora, ON, L4G 4B6 Email: circulation@itincanada.ca
NAME:
TITLE:
ORGANIZATION:
ADDRESS:
CITY:
COUNTRY:
PROVINCE:
POSTAL CODE:
E-MAIL ADDRESS:
PHONE:
WHICH FORMAT WOULD YOU LIKE TO RECEIVE YOUR COPIES?
SUBSCRIBE TO FREE WEEKLY E-NEWSLETTER?
Privacy Policy: we do not share or sell our mailing list
YES, PLEASE
DIGITAL
NO, THANKS
RESEARCH FEATURE
THE MEDIA AND THE MESSAGING Everyone pushes messages at prospective customers – but where do customers look for information? BY MICHAEL O’NEIL
O
ne of the most intriguing changes in business practices – within, around, and enabled by the IT industry – has been the shift in marketing tactics used to attract, engage, educate and qualify potential customers. Over the past 20 years, we have gone from an environment where most communications went through (and was filtered by) traditional media to an environment where messages are delivered through multiple channels: directly and indirectly through corporate websites, through email marketing campaigns, through social media, and through downloadable analyst reports and case studies, as well as through trade and business media outlets.
In some ways, this has been a boon for marketers and buyers alike: marketing professionals now have many different ways of creatively framing market messages and influencing buyer perceptions and activities, and buyers have access to a much wider span of information and information sources. It can also be argued, though, that the polyphony resulting from these seemingly-endless options makes it difficult for suppliers to present a coherent story – especially if they are trying to sell something that is complex, like enterprise IT products and services – and that it is similarly difficult for buyers to source consistent, credible information that supports a detailed business decision. IT Market Dynamics worked with research firm AskingCanadians to Figure 1. How would you describe the importance investigate buyer information input of the following information source preferences. By polling roughly 100 IT in Canada subscribers, we were able to identify the sources that IT-responsible managers use in their decision-making processes.
Overall benefit of sources The first issue that we investigated was “how would you rate the importance of the following information sources to your IT understanding and decision-making process?” The question considered 13 different sources. As is shown in Figure 1, information from IT vendors, from IT news websites, and from IT trade magazines rate highest as “essential” or “important” sources. ‘Depth’ communications – case studies and research reports from analyst firms – are also highly ranked, while general news media, including general business magazines and daily newspapers, rank low in terms of importance to IT decision makers. This is an interesting finding, because many IT suppliers are using these businessfocused media outlets to appeal directly to business decision makers (BDMs); the research shows that this tactic should March/April 2013 | 28 |
The Canadian Channel Standard
RESEARCH FEATURE Figure 2. Importance of information sources in IT understanding and evalution
this shows that different buyers rely on different sources (or different combinations of sources). The message in the figure isn’t that research reports are important, and social media is not – it’s that marketers need to feed multiple sources in order to appeal to the full range of ITMDs.
Summary observations
be supplemented by direct information from the vendor, through the IT trade press, and/or with analyst reports and case studies if it is to connect with the needs of the IT decision makers (ITDMs) responsible for rolling out IT solutions. What role do these sources play? We expanded on the information gathered through the first question by asking respondents about the role that these sources play in IT understanding and evaluation. As Figure 2 demonstrates, the research found that 95% of Canadian ITDMs use Canadian trade magazines in understanding/evaluating IT, with a majority of these considering Canadian trades to be “important to IT understanding and planning.” Interestingly, while social media feeds (for example, the information available through LinkedIn) have only moderate overall impact that Canadian or U.S.-based trade magazines, they are viewed as “very important” by 14%-19%, indicating that these are a non-optional component of marketing strategy.
This last point is worthy, we think, of further expansion. Buyers see specific benefit in depth sources, and relatively less in ‘reach’ information sources – but they see some benefit in these broaddistribution sources, and by their nature, media like e-newsletters and social feeds reach more people than ‘rifle-shot’ deliverables like case studies. The art of marketing to the ITDM community is found in the ability to effectively combine reach and depth – to manage prospective customers through a process in which they are attracted through reach vehicles and engaged/educated through progressively more detailed offerings. Most VARs lack the marketing resources needed to manage the panoply of options covered by our research. But working in conjunction with their vendors, they should be able to address most of the stages in the process. In your next vendor review, it’s worth asking how the vendor is supporting the top of this funnel – and how they will support you in engaging with and educating customers as they progress towards a buy decision. Figure 3. Overall benefit of information sources
Overall benefit of information sources The research came at this issue from a third perspective as well, asking respondents to rate the value of the sources that they use on a 1 (low) to 10 (high) scale. The results to this question, shown in Figure 3, are perhaps the most fascinating results from the study. The most in-depth sources – research reports, case studies, and similar deliverables – are viewed as delivering the greatest overall benefit, as would be expected. However, news conveyed through social media, which was cited as a “very important” source in the previous figure, is rated lowest in terms of overall benefit. How do we reconcile these findings? The most important clue is found in the absolute scores for the eight sources listed in Figure 3. While research reports score highest and social media scores lowest, the spread between the top and bottom of the chart is relatively narrow. We believe that March/April 2013 | 29 | The Canadian Channel Standard
TRACKER NETWORKS
Len
SPECIAL BID PRICING UPDATE February special bid volumes remain flat over January 2013, but show 18% drop compared to the same period in 2012 BY JASON DOEL
T
he total volume of pricing promotions offered by manufacturers to the channel in February was essentially flat over the previous month of January 2013. The numbers do, however, represent a significant drop in total promotion volumes over the same month a year earlier (an 18% drop compared February 2012). What is interesting is that the number of manufacturers using special bids to offer price promotions is not declining. More vendors were active in February when compared to recent previous months and the same time period last year. At Tracker Networks, we continue to receive requests to add support for new manufacturers in the PriceTracker platform, with several added in the month of February alone. Looking at the detailed numbers behind the charts, we can see a continuing trend. There are a handful of large “high bid volume” hardware vendors that have decreased their use of special bids over the last year. They are still highly active in promotions and the top three vendors still account for >50% of volume in the channel. Because of their size, their drop has been large enough to mask increases in volumes in smaller vendors and the addition of new manufacturers to the practice of formalized bid programs. This trend is further evidenced by the growth in volume of software manufacturer promotions. February bid volumes for this group grew over the previous month by 6% and over the same time period a year earlier. Both the 6-month and 12-month trend lines for software bid volumes are strongly positive. Taken in combination, what we see at Tracker Networks is the continued growth of special pricing promotions as a business practice in the channel, with more vendor adopting formal processes in this area and most vendors increasing their monthly bid volumes. Much of this growth is, however, being masked by slowdowns in large hardware manufacturers. What is still unknown is if the drop in volumes for the large vendors represents a change in their business practices or a change in overall business activity. It will be interesting to watch this unfold in the coming months, especially with the busy “March Madness” period approaching. March/April 2013 | 30 |
len The Canadian Channel Standard
LenovoÂŽ recommends Windows 8 Pro.
lenovopartnernetwork.com/ca
LenovoÂŽ recommends Windows 8 Pro.
lenovopartnernetwork.com/ca