Category Archives for "Managed Services News"

Jan 20

Insured Losses from SolarWinds Hack Mount, But Could Be Worse

By | Managed Services News

The cost of breaches keeps going up at a rate faster than revenue growth for many companies.

The insured losses due to the massive SolarWinds hack now total $90 million and climbing.

That’s according to BitSight and Kovrr’s joint analysis of the financial impact of the SolarWinds breach to the insurance industry.

The SolarWinds attack is a cyber catastrophe from a national security perspective, the companies said. However, insurers may have narrowly avoided a catastrophic financial incident to their businesses. That’s because the insured losses haven’t spiraled out of control.

The insured losses include incident response and forensic services for companies impacted by this incident and that have cyber insurance coverage.

While the number of SolarWinds victims may grow in the following months, BitSight and Kovrr don’t expect the direct insured costs to change significantly.

To find out more about the insured losses from the attack, we spoke with Samit Shah, BitSight‘s director of insurance programs and partnerships.

Channel Futures: Could the insured losses from the SolarWinds hack been higher? Why are we not likely to see that $90 million figure increase much?

BitSight's Samit Shah

BitSight’s Samit Shah

Samit Shah: The $90 million figure could have been higher. However, some of the mitigating factors keeping it [from being] catastrophic were who it mainly affected and the impact/damage. While thousands of companies used the software across a wide variety of industries and geographies, it seemed, based on analysis on who was affected, that the focus was mainly federal government and several larger companies. The damage seemed to be more around espionage, and less around exposing personal records or causing business interruption. In the case of federal governments, they buy little to no coverage. And for larger organizations, while they [often] buy cyber insurance coverage, they tend to have high retention/deductibles.

The patch to the vulnerability was released quite quickly and publicly such that all affected organizations had a chance to quickly respond and limit the damage. [Hackers may] have laid other traps to gain access in the future. But the increased vigilance decreases the virality of the issue.

CF: What have we learned from the SolarWinds hack in terms of its impact on organizations and insured losses?

SS: The SolarWinds incident highlights the basic problem that organizations including federal entities such as the U.S. government face — reliance on a vast third-party supply chain, with limited visibility into the security posture of critical providers. Like many industries, a cyber hack has detrimental consequences. For the government, it’s not necessarily cyber insurance cost; instead, it’s the potential loss of intelligence and new costs with firewalling current networks, or, as some have suggested, rebuilding from square one.

CF: How could this hack have been much worse for the insurance market?

SS: [If the] threat actors were focused on exfiltrating data for the purposes of selling them or causing business interruption, then the situation could have been worse. They went in, found what they needed, took it, and went out trying to escape unnoticed so they could re-enter again in the future. Drawing attention doesn’t seem to have been their [modus operandi].

CF: Is the ongoing threat landscape worrisome for the cyber insurance market? If so, how?

SS: Insurers will likely be concerned that future supply chain incidents resembling SolarWinds may have widespread impact on their insured base.

CF: Is the SolarWinds hack likely prompting more organizations to obtain cyber insurance?

SS: This event, like all preceding well-known cyber events, should motivate organizations to take a harder look at their enterprise cybersecurity posture holistically, including vendor-driven exposure. Whether it is the board, senior management or the security team, cyber risk is very much an enterprise risk that needs to be managed through …

Jan 20

Cloud-Based CRM: What SMBs Need to Know about Backup and Recovery

By | Managed Services News

The cloud makes CRM more accessible to SMBs, but solutions must be layered with backup and recovery.

Until recently, big enterprises were the primary adopters of CRM technology. While this is changing as CRM technology is becoming more scalable and accessible to SMBs, here are three reasons SMBs only recently began widely adopting CRMs:

  1. Ability to spread out CRM costs 
    The costs to implement CRMs were traditionally quite high and included the cost of hardware, software, licenses, and additional investment to manage and maintain the applications. Now, many SMBs can spread these costs out over months or years.
  2. Less complexity in CRM implementation 
    CRM implementations used to be so complex that organizations had to deploy the application on several servers, and this involved a lot of configuration to get the system working properly. With cloud-based SaaS models, this process can be completed much faster and with fewer interruptions to an MSP’s team.
  3. Easier-to-maintain CRM environment with cloud hosting  
    With the advent of cloud and subscription-based pricing, CRM applications are hosted in the cloud, and small businesses can take advantage of a full-fledged CRM implementation with a pay-as-you-use pricing model (per user/per month cost).

With the adoption of CRM solutions by SMBs comes the challenge of ensuring data remains available to users. And while some CRMs, like Microsoft Dynamics 365, include some backup and recovery built-in already, they’re often not robust enough to provide the data security and recoverability standards most SMBs require to maintain SLAs.

The Cloud-Based Data Recovery Myth  

When it comes to CRM and SaaS data, many SMBs and MSPs make the mistake of assuming that data is secure when it’s housed in the cloud. Nothing could be further from the truth. Even in the cloud, your own employees could accidentally delete important client information or unknowingly click on a malicious email that lets a threat actor into your system.

Placing too much faith in a CRM or SaaS vendor to keep data safe is risky. As cyberthreats rise amid COVID-19 closures, MSPs must take greater measures to prevent IT service delivery disruptions to their clients.

Why Backup and Recovery Is Essential for Cloud-Based CRMs

Most organizations downplay the risk of not protecting their SaaS data, but one ransomware attack can change that. For this reason, critical customer experience data in Microsoft Dynamics 365 needs to be protected.

Data loss can occur due to various reasons:

  1. SaaS platform disruptions
    Microsoft and other SaaS vendors strive to keep their services up and running, but these online services occasionally suffer disruptions and outages. What’s more, SaaS vendors state that they’re not liable for any data loss that may result due to these disruptions—you are.
  2. Human errors 
    By far, the biggest reason for CRM data loss is human error. No matter how careful you or your employees are, SaaS data is easy to misplace, write over, or lose.
  3. Programmatic errors
    Data loss can result because of third-party application integrations or large data migrations that you run within the Microsoft Dynamics 365 application.
  4. Cyberattacks
    Digital transformation and remote work environments due to COVID-19 have opened up many attack vectors for hackers and malicious programs to exploit.
  5. Reliance on Microsoft’s native backup
    SaaS vendors like Microsoft often provide tools and mechanisms to back up your SaaS data. But can you rely on those backups to recover your users’ SaaS data? Not completely. SaaS vendors aren’t responsible for recovering data accidentally deleted by a user.  Microsoft’s service agreement recommends the use of third-party backup applications to regularly backup content and data.
  6. Backups at instance level 
    Microsoft’s native backup allows you to back up SaaS data and recover it at an instance level (production and sandbox instances). It doesn’t allow you to perform backups at the fields/object level.
  7. Retention of the backups 
    You can retain backups of your production instance with one or more Microsoft Dynamics 365 applications for up to 28 days. System backups of your sandbox instances are retained for up to seven days, and you can’t extend this timeframe.
  8. Limited data restore options
    Microsoft doesn’t allow you to perform an in-place restore of your production instance. To perform in-place restore, you need to first switch it to a sandbox environment, and changing an environment type to sandbox will immediately reduce backup retention to seven days.
  9. Ransomware protection
    Microsoft Dynamics 365 does not protect against ransomware, malware or any defense against malicious users.
  10. No integrated backups 
    Suppose your customer has both Microsoft Dynamics 365 and Microsoft 365, a norm for SMBs. In that case, you will need to implement two separate data-recovery solutions, which is a risk over time due to the integration between the two applications.

A Recovery Solution Designed for Microsoft Dynamics 365  

What’s clear is that CRMs like Microsoft Dynamics 365 should be accompanied by a more comprehensive recovery solution to ensure important customer information can always be restored. Fortunately, there’s a tool for this. It’s called ConnectWise Recover SaaS, and it offers extensive

Jan 20

The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis

By | Managed Services News

Effective data migration tools enable schools to move to a secure cloud environment, making applications and content easier to access, as well as mitigating the risk of data loss.

Enabling remote learning involves more than just holding classes on Zoom. Schools and administrators are scrambling to provide access for data normally stored on physical devices that previously lived on-premises. And, while the cloud can stand in for physical infrastructure to get the job done, schools–being subject to data privacy regulations like the Family Educational Rights and Privacy Act (FERPA)–are responsible for how data is handled in the cloud. The right data migration tool can help.

Schools are looking to the cloud to help mitigate huge challenges brought on by the pandemic. On top of all this is the fact that schools are notoriously short on IT resources. Stories abound of teachers paying for pencils and notebooks because school budgets are stretched to the max. Their IT “team” might literally be a faculty member with some basic networking skills. The idea of a “lift-and-shift” operation that entails moving all their data to the cloud may seem quite daunting.

A highly simplified, very high-level definition of job requirements might look something like this:

  • Choose a cloud provider to host the school’s data.
  • Determine the workflow to move data to the cloud.
  • Find a window of time to take systems offline and perform the migration.
  • Apply encryption at each step to ensure data secrecy.
  • Ensure low to no data loss throughout the process.
  • Perform user testing and validate functionality.
  • Go live in the cloud.

These are the minimum steps required to take a school’s IT infrastructure and make it available in the cloud for the purpose of enabling remote learning while minimizing risks along the way.

The difficulty is compounded when you:

  1. Lack sufficient in-house resources to perform successful data migration, and
  2. Don’t have tools that are designed to move workloads while maintaining cross-dependencies and minimizing the risk for downtime and data loss.

Data Migration Tools

When you’re this strapped for resources, you can’t waste time on a data migration tool that’s going to complicate the process. A lot of data migration tools, especially free ones, lack essential features that can make or break a migration project.

The first thing to look for at is the data replication part.

Most data migration tools use a snapshot of the server to create a replica in the cloud. The problem is that the snapshot is just a point in time—specifically, the point at which the snapshot was taken. Between the time the snapshot was taken and when the cloud replica based on the snapshot is stood up–and that can take a long time, depending on the amount of data on the server–a lot of data can be generated or changed on the source. None of these changes will be reflected in the new cloud replica. And there’s no guarantee that all of those changes will eventually be reflected in the cloud instance. So, the potential for data loss is there. In some cases, system dependencies are not preserved during the sync process and need to be recreated. This can take a lot of time and resources, which are already in short supply.

Another option is to use

Jan 20

Citrix to Acquire Wrike for $2.25 Billion, Expand SaaS Portfolio

By | Managed Services News

Wrike offers a collaborative work management platform.

Citrix‘s acquisition of Wrike for $2.25 billion, announced Tuesday, seeks to accelerate the company’s transition to SaaS. Citrix CEO David Henshall is betting that Wrike’s collaborative work management (CWM) platform will help extend the Citrix Workspace.

The deal follows a year of accelerated growth of the cloud-based Citrix Workspace, fueled by last year’s COVID-19 pandemic. The sudden shift to remote work hastened customer demand for Citrix’s subscription-based cloud services, the company said. Subscription revenue for the full year topped $1.1 billion, a 71% increase from 2019, Citrix disclosed on Tuesday. Furthermore, SaaS revenues of $574 million in 2020 increased 38% year over year.

Citrix provided the figures in its fourth quarter and full year earnings report, released early to announce the Wrike acquisition. Henshall said remote, or hybrid work environments, are likely to remain permanent, even after social distancing dissipates.

Citrix's David Henshall

Citrix’s David Henshall

“It’s pretty clear that this idea of hybrid or remote work, or even distributed teams that has been so prevalent throughout the pandemic, is here to stay,” Henshall said during Tuesday’s call with investors to announce the Wrike acquisition. “I think [our] two organizations coming together gives us that ability to do that in a way that is very holistic and very differentiated from anybody else.”

Adding Wrike to the Citrix Cloud portfolio promises to justify customers deploying the digital workspace platform. Also, it will give partners a set of workspace collaboration tools that they can attach and integrate for customers. IDC client virtualization research manager Shannon Kalvar believes Wrike could make the Citrix Workspace more extensible.

“Desktop virtualization-based workspaces are by their nature focused on individual work — what you do, how you do it, what you need to gather,” Kalvar said. “But modern work also requires a focus on collaborative work, both structured through processes, and ad hoc to address emerging needs. The inclusion of Wrike, which has those capabilities and is already a SaaS offering, squares the circle, as it were, and completes Citrix’s offering in ways that would be very difficult for them to achieve on their own. There are always challenges, of course, but the underlying idea is a good one.”

Wrike’s Collaborative Work Management Platform

Wrike describes its SaaS-based CWM as a modern project management and productivity platform designed to help people work more efficiently. The cloud-based platform includes tools to structure, track and report on projects, and for employees to collaborate on any device.

Keep up with the latest channel-impacting mergers and acquisitions in our M&A roundup.

The San Jose company, founded in 2006, has 1,000 employees. Wrike claims it has 20,000 customers worldwide, among them AirBnB, Dell, Este Lauder, Geico, Google, Snowflake, Siemens and Walmart Canada. Over the past two years, Wrike’s SaaS annual recurring revenues (ARR) grew at a 30% CAGR, according to Citrix. Wrike’s unaudited SaaS ARR in 2020 were $140 million. This year, the company projects ARR will fall between $180 million and $190 million.

Wrike's Andrew Filev

Wrike’s Andrew Filev

Wrike designed its tools for project management, marketing campaigns, professional services and companywide collaboration. The tools include shared team calendars, time tracking, resource management, business analytics and reporting. Wrike also provides an API for integration with SaaS and on-premises applications, and connectors for more than 400 solutions.

“We try to reduce the chaos and complexity of digital work, so that individuals and organizations can achieve their best,” Andrew Filev, Wrike’s founder and CEO, told CNBC on Tuesday.

CWM Tool Market

Wrike is among nine leading providers of CWM tools recently identified by Forrester Research. Asana, Atlassian, Microsoft, Monday.com, ServiceNow, Smartsheet, Workfront and Workplace from Facebook were others noted in the November 2020 Forrester report. Following the publication of that report, Adobe last month acquired

Jan 20

SolarWinds Hackers Hit Malwarebytes, But Impact Limited to Internal Email

By | Managed Services News

Abusing privileged access into a business application is an extremely common way to attack.

SolarWinds hackers have also targeted Malwarebytes, which became the fourth major cybersecurity firm to be attacked by this group.

Marcin Kleczynski, Malwarebytes‘ CEO and co-founder, disclosed the breach. Microsoft, FireEye and CrowdStrike also were targeted by the SolarWinds hackers.

Malwarebytes' Marcin Kleczynski

Malwarebytes’ Marcin Kleczynski

“While Malwarebytes does not use SolarWinds, we, like many other companies, were recently targeted by the same threat actor,” Kleczynski said. “We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments.”

No Impact to Malwarebytes Partners

A Malwarebytes spokesperson said the breach had no impact on the company’s partners.

“We received information from the Microsoft Security Response Center on Dec. 15 about suspicious activity from a third-party application in our Microsoft Office 365 tenant consistent with the tactics, techniques and procedures (TTPs) of the same advanced threat actor involved in the SolarWinds attacks,” Kleczynski said. “We immediately activated our incident response group and engaged Microsoft’s Detection and Response Team (DART). Together, we performed an extensive investigation of both our cloud and on-premises environments for any activity related to the API calls that triggered the initial alert. The investigation indicates the attackers leveraged a dormant email protection product within our Office 365 tenant that allowed access to a limited subset of internal company emails. We do not use Azure cloud services in our production environments.”

Malwarebytes’ software remains safe to use, he said.

More to Uncover

Randy Watkins is CriticalStart‘s CTO.

Critical Start's Randy Watkins

Critical Start’s Randy Watkins

“From the report, Malwarebytes took appropriate and timely action after being notified of potentially malicious activity,” he said. “This attack validates what many inside the community have been saying since the discovery of the SolarWinds breach. We’re just starting to uncover the true scope. Cybersecurity providers, including ourselves, have begun to reassess their internal security measures to ensure the ability to quickly detect and respond to malicious behavior.”

Piyush Pandey is CEO at Appsian. He said abusing privileged access into a business application is an extremely common way to attack.

Appsian's Piyush Pandey

Appsian’s Piyush Pandey

“Many organizations leverage Microsoft Office 365 and Azure Active Directory,” he said. “And if an attacker identifies a vulnerability, the volume of attacks is likely to ramp up dramatically. This is why we recommend taking a defense-in-depth approach to securing business application data. This would include dynamic authorization to ensure privileged access could not be granted from a hostile country, reauthenticating users if they request access to sensitive data, applying data masking as much as possible at the UI level, and having granular visibility into data access and usage.”

Unfortunately, legacy business applications can’t do this out of the box, Pandey said. Therefore, organizations need supplemental solutions.

“IT and security leaders must take a hard look at their business applications and research a defense-in-depth strategy,” he said. “Otherwise, a data breach or data compromise is inevitable.”

Jan 19

Cybersecurity: What to Expect in 2021

By | Managed Services News

Remote work is here to stay (and other cybersecurity predictions for the year ahead).

The cybersecurity industry and predictions go together like fall and football or champagne and the new year. But on the heels of an unprecedented year, where a viral outbreak changed the landscape of the global workforce practically overnight, portending what’s in store for the year ahead is even trickier than usual.

One thing the cybersecurity experts at Webroot agree on is that work from home is here to stay for 2021—or, at least, it won’t recede to pre-pandemic levels in even the medium-term. What is likely to change is how companies respond to their remote workforces. The security measures they take (or don’t), the educational opportunities they provide (or fail to provide) and their commitment to innovation (or lack thereof) will likely separate the winners from the losers in the year ahead.

Yes, cybersecurity for remote workforces will likely be a prevailing concern throughout 2021, even following positive news on the vaccine development front, according to Webroot experts. Another prevailing theme from the professionals here, when asked to make their annual predictions for the new year, is that a cybersecurity skills gap will continue to haunt businesses and pose opportunities for those looking to start their careers in the field or make the switch to it. As such, automation and the adoption of AI technologies will be critical to plugging the gap.

Read on for more details from leading engineers, security analysts and product specialists from around our organization for complete cybersecurity predictions for 2021. Take heart because, whatever happens, 2020 won’t be easily outdone. (Knock on wood.)

On Remote Workforces and the Problem of Personal Devices

 David Dufour, VP of engineering, Carbonite + Webroot

In 2021, many businesses will continue to operate remotely as a result of the pandemic, and there must be an emphasis on training employees on security best practices, how to identify modern threats such as phishing, and where company data is being accessed and stored. Phishing is going to remain one of the most prominent ways to attack users and will become more sophisticated as it’s tailored to take advantage of work-from-home setups and distractions.  

Grayson Milbourne, security intelligence director, Carbonite + Webroot

The biggest change for 2021 will be securing remote workforces and remote perimeters, which include home networks and home devices, particularly personal devices. These all add their own challenges. Home networks and their configurations are diverse. Many use out-of-date routers with insecure settings. Personal devices are often used for work and, as we saw in our 2020 Threat Report, are twice as likely as business devices to encounter infections. If not addressed, this could have a serious impact on businesses in the coming year.

Hal Lonas, CTO and SVP of SMB engineering, Carbonite + Webroot

We shouldn’t overlook the incredible societal and behavioral changes underway right now. These put all of us in new situations we’ve never encountered before. These new contexts create new opportunities for social engineering attacks like phishing and scare tactics to get us to open emails and click on fraudulent links.

Tyler Moffitt, senior security analyst, Carbonite + Webroot

It really doesn’t matter the company or the length of the work-from-home stint, one thing that’s constant is that professionals at home are using their personal devices and personal network. Securing the remote perimeter is going to be the biggest challenge for cybersecurity professionals now through 2021 because laptops issued to professional workforce are much more secure than personal devices.

Personal devices are twice as likely to be infected than business devices. Even more worrying, we saw with our new COVID-19 report that one-third of Americans will

Jan 19

With SolarWinds Breach, ‘The Hackers Aren’t the Problem’

By | Managed Services News

Find out who, instead, is the problem and how MSSPs must fix their own, and clients’, IT environments now.

Details about the giant SolarWinds breach continue to emerge. On Tuesday, Symantec said it found a previously unidentified strain of malicious code unleashed in the attacks. And Wired just published a piece warning of copycat hacking attempts. For managed security service providers, the question becomes one of preventing such threats in the first place.

That may prove wishful thinking.

“There is no guaranteed, foolproof way.”

Asigra's Eran Farajun

Asigra’s Eran Farajun

That’s the word from Eran Farajun, executive vice president of Asigra, a data protection vendor that works with managed service providers. Notably, Farajun was among the few experts in recent years predicting an attack that would target remote monitoring and management platforms. It was just a matter of who, when and where.

Since early last year, Farajun has been recommending that all players – providers, customers, partners – separate apps such as backup from the RMM stack. He preached this best practice because once malware gains entry, it then can access mountains of data.

For a while, Farajun’s pleas might have seemed overblown. Then came the SolarWinds fiasco.

In December, hackers, whom U.S. authorities suspect as having ties to Russian state intelligence, inserted malicious code into SolarWinds‘ Orion software updates sent to nearly 18,000 customers. The code lived in updates released between March and June of 2020.

This led to security breaches at numerous U.S. government agencies. Those include the Treasury Department, the National Telecommunications and Information Administration and the Department of Homeland Security. The attackers also hit SolarWinds’ corporate clients, including FireEye, as well as Microsoft’s closely guarded source code.

Now, victims of the SolarWinds breach remain in clean-up mode. They’re also thinking about prevention. Indeed, this is top of mind for many an MSSP. But warding off a cyberattack takes more than technology. And this is where a lot of people fall prey to misconceptions.

‘The Hackers Aren’t the Problem’

Too many technology insiders operate under “a false sense of security,” Farajun told Channel Futures.

“The hackers aren’t the problem,” he added. “The IT professionals are the problem.”

Wait. What was that?

Correct, Farajun said — it’s the very people charged with protecting networks and data who paved the way for the SolarWinds attack.

“They think if they buy this vendor, or even an MSSP service, ‘I’m good,’ ‘I can sleep at night,’” he said. “People think it’s going to be solved technologically. The bad guys know that, and that’s what they take advantage of.”

So what’s an MSSP to do? Get more expensive. In other words, Farajun said, be costly to hack.

“A healthier way to deal with this false sense of security is to recognize that the bad guys are always ahead; they’re always going to be a step ahead,” Farajun said.

The better approach? MSSPs must …

Jan 19

In 2021, Cloud Governance Becomes Imperative as Adoption Soars

By | Managed Services News

CloudSphere, Fortanix and MontyCloud all talk about what’s at stake and what partners must do now.

The need for cloud governance has grown more important than ever. As organizations continue to support remote work, many have lost the power to strictly oversee what employees are doing. Last year’s scramble to the cloud because of COVID-19 now is turning into a rush to rein in slackened security, unapproved apps, excessive permissions and unbudgeted spending.

Yet cloud governance gets more complicated when a business uses more than one platform — and many do. Perhaps Sabrinath Rao, vice president head of channel for MontyCloud put it best: “Consistent governance, security and cost management are hard enough to achieve in a single cloud. Doing that across multiple clouds is even harder. Individual cloud providers do not have an incentive to innovate here. Driving granular governance consistently across multiple clouds is a value that partners can offer.”

Indeed, managed service providers, VARs, integrators, consultants and others have a big mission in front of them. That’s to help clients implement technology, processes and people that, together, control activity across clouds. This leads to secured data, regulatory compliance and other uncompromisable outcomes.

Consider Forrester Research’s prediction that the global public cloud infrastructure market will grow 35% this year alone, reaching $120 billion. Enterprises, SMBs, nonprofits and more face an unpleasant cloud reckoning if they don’t put governance in place soon. Now is the time. And as David Greene, chief revenue officer of Fortanix, told Channel Futures, “Customers need the help and direction that channel partners can provide.”

To that point, vendors specializing in cloud governance, and selling through the indirect channel, are doing their part. In recent weeks, CloudSphere, Fortanix and MontyCloud, as just three examples, each released platforms that address cloud governance in different ways. Where they overlap is agreeing on what cloud governance accomplishes: protecting data, ensuring security and providing insight for cost controls. They also concur that these initiatives are especially paramount in a multicloud environment.

In this lightly edited Q&A, Channel Futures talks with the channel leads at each vendor about cloud governance — from what that means and what’s coming in 2021 to challenges partners should anticipate and the pitfalls to skirt. Channel Futures spoke with Keith O’Kelly, regional vice president of sales and channel head at CloudSphere; Fortanix’s Greene; and MontyCloud’s Rao.

Channel Futures: How does your company define cloud governance, and why?

CloudSphere's Keith O'Kelly

CloudSphere’s Keith O’Kelly

Keith O’Kelly: The cloud provides tremendous agility benefits to organizations, with a vast number of different services available on demand. However, that same agility introduces complexity challenges and significant problems with security. We see cloud governance as the ability to define, implement and enforce processes around how a company will use the cloud.

David Greene: Cloud governance is the process of defining, implementing, and then continuously auditing, a set of policies and controls that define what data can be processed by which cloud services under what conditions. Fundamentally, cloud governance takes the security framework built for stable on-premises data and applications and reimagines it for a constantly changing cloudy world.

Sabrinath Rao: Cloud governance delivers policy-driven controls for secure, efficient and cost-effective consumption of cloud resources. Cloud governance also seeks to deliver both consistency across the organization, and granular variations required to support different consumption patterns within the organization.

CF: In what way or ways does your company approach cloud governance, and why?

KO: Most large organizations are already in more than one public cloud, which adds to the complexity of defining and enforcing policies for cloud use. We approach cloud governance by reducing that complexity with a single policy engine that can provide governance across all major public clouds.

DG: Fortanix thinks that what you really need to worry about is your data — how to make it secure anywhere at any time. Fortanix uses encryption to secure the data itself, keeping it safe no matter where it may land or who …

Jan 19

How the Pandemic Will Influence Channel Partner Businesses in 2021

By | Managed Services News

From reshaping workspaces to doing more with less, four trends will dominate operations and sales.

BitTitan's Geeman Yip

Geeman Yip

Businesses around the world are conducting their typical annual planning this year amid atypical circumstances. Impacts from the extraordinary events of 2020 are expected to be long lasting and companies must simply forge ahead despite lingering uncertainty about direction.

Fortunately, we’ve navigated enough road during the pandemic to have some idea about what the next year will be like. Here are four trends I anticipate will influence how channel partners sell their products and services, as well as how they operate their businesses.

Reinvention of the Workplace

Risk of exposure to the coronavirus will continue well into 2021 as we wait for distribution of the new vaccines. Even after this pandemic, the way in which we interact will fundamentally change. This will lead companies to make significant changes to their workplace environments. With many employees continuing to work from home, offices will feature fewer individual desks. We will see increased use of “hot desks” and more large conference rooms providing space to spread out. The shift toward more shared open space, similar to a WeWork scenario, will enable socially-distanced collaboration in an office setting. Even companies that already have large communal spaces in their offices will need to actively reshape employee behaviors in these areas so there’s an emphasis on getting work done instead of socializing.

Increase Productivity, Decrease Costs

Companies will look to conserve cash and do more with less in the coming year as a response to the economic volatility brought on by the pandemic and lingering uncertainty about the future. Investments will still be made in software and tools that enable employees to be as effective and productive as possible, while companies also identify areas for cost savings.

For example, we will continue to see a rise in cloud-based productivity applications, including Microsoft Teams, Slack and Google Workspace. Solutions that help IT manage, assess and report on software usage and adoption will help companies increase optimization of technologies purchased. This will ensure the correct licensing levels are in place and highlight when software licenses can be discontinued.

Expected productivity gains will also be realized as these IT solutions identify opportunities to ensure employees are using new technology effectively. These same IT solutions can also help bring about cost savings by automating labor-intensive IT work. Channel partners will not only assist their customers with this important profit-protecting work, but also similarly invest in doing more with less in their own companies.

Cloud Expansion, Optimization Continues

Remote operations continue to be essential for business continuity during the pandemic, and so, too, will expanded use of cloud-based services. Companies that were already migrating to the cloud when the pandemic began will continue this work in the new year. Those that scrambled to the cloud in response to the pandemic will look for ways to optimize their cloud footprint, knowing that this will not be a temporary shift in business operations, but a long-term strategy.

As more workloads are moved to the cloud, and companies invest in cloud applications, there will be a need to keep technology and data sprawl in check. This is not only for efficiency and cost control, but also to ensure proper data governance, regulatory compliance and monitoring of technology use throughout the company. The adoption of automation will be important as it allows organizations to keep up with the increase in technology without having to increase their workforce at the same pace. Automation will allow organizations to reduce manual work, deliver reports in a timely manner, detect system anomalies in real time and more. Channel partners will continue to play a pivotal role in assisting companies with migration, optimization and governance in the cloud.

Social Selling Gains Favor

Traditional sales and marketing tactics are likely to become less effective, after a year of nonstop digital interaction and the resulting spike in email volume. As people look for ways to have meaningful connections with people they trust, we will see more social selling and connecting in 2021. Individuals with expertise in products, solutions and industry trends will increasingly turn to their social channels to share their expertise. In turn, people with a mutual interest in this information or a need for advice will seek out these experts directly and follow their social feeds. In the same way companies have used email marketing and websites as a tool to sell on a one-to-many basis, social selling and connecting enables a more personal one-to-one experience that will be increasingly popular in the coming year.

Geeman Yip is the founder and CEO of BitTitan, a SaaS-based cloud enablement provider in Bellevue, Wash. He founded BitTitan in 2007 to help IT service providers and businesses assess, deploy and manage technology solutions in a rapidly changing cloud world. Yip previously was a program manager for Microsoft Exchange, working on what would become the foundation for today’s Office 365 suite. He has more than two decades’ worth of experience in the software and IT spaces. Follow him on LinkedIn or @BitTitan on Twitter.

Jan 19

Stratus Technologies Targets VARs with New Partner Program

By | Managed Services News

Stratus offers two edge computing platforms.

Stratus Technologies has a new VAR program that allows OEMs, and machine and solution builders to develop and deliver edge computing-based offerings.

The program presents an accessible way for VARs to bring zero-touch edge computing to their customers, the company said. Furthermore, it lowers the barrier to developing products, services or automation solutions that converge OT and IT.

Stratus Technologies offers VARs platform pricing, embedded services, training and certification as they incorporate edge computing to differentiate their solutions. The company says it also delivers low-risk implementations for customers, and helps to create new business and revenue sources.

More Opportunities for VARs

Aric Prost is the company‘s senior director of OEM business. He said his company’s partner program previously cater to VARs.

Stratus' Aric Prost

Stratus’ Aric Prost

“We had partnered with new VAR customers in the past 36 months and saw more opportunity for partnership within that type of customer based on great synergies and feedback … and customers implementing modern control architectures and edge computing to facilitate digitization initiatives that are accelerating in industry,” he said. “We also saw an opportunity in the market to develop a service model that fit both our strengths, the needs of VARs and what their user customers are asking for at an accelerated pace as a result of the pandemic.”

As part of the program, Stratus offers training, certification and accreditation services to help partners successfully sell edge computing services. It also offers platform support through the company’s global network of systems engineers.

Furthermore, the program provides co-marketing opportunities to support business development and edge computing awareness.

“[The program] gives our VAR partners opportunities to save significant time in design and deployment while creating a practical path to digitization and the edge, while improving the reliability of the VAR’s solution,” Prost said.

VARs can integrate Stratus platforms to deliver new edge capabilities. Additionally, teams can save time in setting up and deploying solutions with plug-and-play integration to existing architectures.

COVID-19 Related Challenges

The program addresses the challenges VARs face from the COVID-19 pandemic, Prost said.

“Challenges include regulations about capacity in plants/production environments, which can be addressed with improved predictive maintenance, alerts, AI and installing highly available or redundant systems that don’t interrupt production or require a person to switch over,” he said. “Partners are also seeking greater visibility into their supply chains and manufacturing processes to identify solutions to unforeseen problems like shortages of supplies. Machine learning and AI are areas that can help solve these problems. They’re applications that use edge computing as part of the solution.”

The program also ensures that VARs can buy the platforms for a reasonable price.

Stratus offers two edge computing platforms. It built the ztC platform for critical equipment and distributed control architectures for continuous availability in harsh environments. The ftServer platform is built to handle heavier workloads for critical business applications and data.

Michele Vario is OEM and business development manager at Wonderware Italia.

“Stratus is a visionary in meeting the needs of machine builders who need to develop new offerings for Industry 4.0 environments and IIoT technology,” she said. “Stratus edge computing gives us the ability to bring our
customers there.”

1 2 3 281
>