6 things you should consider before selecting a security partner
With security threats constantly evolving, many organisations are putting their trust in a security partner, but there are six things they need to know before putting pen to paper
Short of time?
There are no certainties in the current security landscape. The threats businesses face evolve every day and instantly ramp up and down without a second’s notice. For example, in the fourth quarter of 2015, monitored and recorded DDoS attacks seemed about normal.
There were a few thousand DDoS hits each day, targeting different websites around the Web. Then, in an instant, that number shot through the roof to more than 30,000 instances of DDoS attacks.
Additionally, the complexity of cyberattacks have made many organisations realise the advantages of outsourcing their IT security to expert partners. The reality of modern Web security and DDoS mitigation is that no one can ever know exactly what’s going to happen.
So, when it’s time to evaluate and select a cybersecurity partner, you need to know as much as you can about the company. Here are six things you need to know before putting pen to paper on any agreement with a cybersecurity partner.
The upfront costs and onboarding process
When you integrate a new partner into your solution portfolio, there is one group of people who can’t notice any issues – your customers. When you integrate a new offering, there can’t be any snags for your customers.
If they need to spend more to offset your costs or to license different software or solutions, they aren’t going to be happy. Pricing adjustments are part of business relationships, but they can’t be so significant or so sudden that customers are forced to spend a great deal more than they anticipated.
In enterprise IT, change is just part of the game. However, integrating one new vendor can’t result in so many adjustments that customers get confused or fail to find value in the relationship.
The revenue-sharing model
If you enter a channel partnership, it will come with revenue sharing - it’s what makes the channel work. When you enter into an agreement, you need to ensure there’s significant opportunity for both parties to benefit financially. Great solutions will bring in the customers and guarantee everyone gets paid. New partners must be willing to agree to a reasonable service model.
They’re getting major value from your sales and marketing efforts and in return should offer a strong model for revenue.
Customer service reputation
Downtime, outages and latency issues are the kinds of things that come with DDoS attacks. And as your customers will tell you, they simply can’t afford to be offline. In some companies, there’s a bit more wiggle room, but the goal is always zero downtime.
That said, how long does it take your new security partner to identify an issue and respond in kind? Your customers measure their satisfaction with you in minutes, not hours or days. When security is the reason for lengthy downtime or outages, it can be even more challenging. Your partner needs to be able to guarantee customer issues will be addressed and meet the expectations once they’ve been established.
Your partners don’t just need to offer you a good price point or good service to your customers. In everything they do, they must live up to the values and standards of your company. Speak with other partners they’ve had in the past to get an idea of how things have worked with those relationships.
Your partners should have already established a solid track record for solving problems and doing so in line with customers’ expectations. Your brand reputation is on the line here. If your partner has shown it can’t handle anything and everything your customers will throw at them, the relationship may not be as beneficial as it could be.
Flexibility in delivery
Delivery is always a sticking point in channel partnerships. Some of your customers will want security solutions delivered over the cloud to limit upfront costs. Others will want an on-premise, private deployment designed specifically for them.
Either way, you need to guarantee that both can happen with minimal delays. Some customization may be necessary to keep everyone happy, but it has to be an option so customers can access to every solution in your stack. It’s more than likely that your customers will need a few different options for delivery models.
Security touches every part of the business, and it has different specification depending on what kind of company it is. Your security partner must understand these ideas and be committed to working with your partners.
Specific data, use cases
Before you accept anything as fact, ask questions. Talk to existing partners and previous partners to get an idea of the strengths and weakness. Then, go to your prospective partner and ask the tough questions and demand specifics.
How many in-place, purpose-built solutions have they developed? What are the capabilities and capacities of the solutions and can they translate to your customers’ needs? You know precisely what your customers value and need so any partner you work into your solutions stack must be willing and able to deliver on those needs.
If we learned anything from the final few months of 2015, it’s that DDoS mitigation and enterprise IT security demand flexibility and a commitment to problem solving. If you want to work security into your solution stack, the channel has a number of options available to you. However, a good solution or strong customer service aren’t enough. Your customers have wide-ranging demands and you know exactly what they are so choose a vendor that delivers on all of them.
Sourced from Hope Frank, CMO of Nexusguard, and Donny Chong, global product director of Nexusguard