We first reported on Symantec Endpoint Management Suite 1.0 last week, when I found that Symantec had prematurely posted product details on its website. But today marks the suite’s official launch, which means I can finally give even more details that Symantec provided last week in an embargoed interview.

Read more »

Intuitively, I think we all knew this was coming. But now, there’s some research out of the Computing Technology Industry Association (CompTIA) that validates the notion that many companies are still seriously unprotected when it comes to their notebooks and handheld computers.

CompTIA just conducted a survey of more than 2,000 people responsible for information security within their organization. More than 50 percent of them said mobile security threats had grown dramatically over the past 12 months. But while 71 percent of these companies allow employees to tap into their networks from a remote location, only 39 percent have provided any kind of security awareness training about what they should worry about, or why. Another 19 percent said they DO intend to provide this sort of education before the end of the year.

Because there hasn’t been a seriously malevolent virus on cell phones or smart phones, we tend to be kind of blase about the threat. But compliance has got people downright spoked about the notebook thing.
Ironically, I just wrote a story earlier this week for Entrepreneur magazine about mobile whole disk encryption, which is being used increasingly to protect data on a notebook in case it is lost or stolen. Some 45 percent of companies of all sizes now are evaluating or planning to buy disk encryption software to protect against this, according to some recent Forrester Research data.

The take-away is pretty simple: Disk encryption is definitely a growing mobile security area, although there are some pretty big downsides — like your data isn’t recoverable if your hard drive dies. While the handheld market is less developed, the iPhone has got people evaluating handheld computers in ways that IT departments are wholly unprepared for. So, a VAR with expertise in this area, such as D&D Consulting in Albany, N.Y., stands a good chance to differentiate themselves.

Heather Clancy is a business journalist and strategic communications consultant with SWOT Management Group. She can be reached at hclancy@swotmg.com.

SearchITChannel.com has lined up interviews with two major channel executives for this week’s Partner News Podcast.

Julie Parrish, Symantec’s vice president of global channel sales, will call in to talk about changes to Symantec’s deal registration program and other topics facing Symantec partners.

We’ll also be joined by Al Monserrat, the vice president of worldwide channels and emerging product sales for Citrix. Citrix Synergy 2008, the company’s annual partner and customer conference, is this week in Houston, so there will be no shortage of news to discuss.

The podcast will be available for streaming or download Friday on SearchITChannel.com and the IT Channel Podcasts page at SearchITChannel.com/download.

Digimerge Technologies. JDSU. Lorex Technology. On-Net Surveillance Systems. Videolarm.

Do you know any of these companies? If you don’t, Tech Data is hoping to change that. The distributor has established a new Physical Security Specialized Business Unit, which will focus on carrying products that fall into the security surveillance and network testing solutions categories. The group, which falls under Chuck Bartlett’s direction, will carry these sorts of products: digital video recorders, monitoring systems, software, IP cameras, lenses, enclosures and so on. The distributor sees a convergence of new digital surveillance solutions with tradition network integration practices.

Other vendors that are part of the unit are:

• 4XEM
• Axis Communications
• Bosch
• Computar
• D-Link
• Cisco
• IPX
• ISONAS
• Milestone
• NetBotz
• NUUO
• Panasonic
• Q-See
• Sony
• Toshiba
• United Digital Technologies
• Vivotek

I’ve included the link for the companies that I didn’t know, that I could find on the Web!

The reason I find this all really interesting is because of some side conversations I had last month at the 1NService Interchange conference. Many of the member companies (integrators all) are mulling how to handle video surveillance and physical security systems atop their customers’ existing networks. The idea, for example, that the network will know when you’ve entered the buiding and its OK to allow access to your computer. Or not.

This requires, as you might imagine, a whole new set of technical skills. And lo and behold, there is a whole network of integrators already doing work on the physical security front, some of which are part of a group called PSA Security Network. I think we’re facing the same sort of channel convergence problem that we used to talk about five years ago surrounding data networks and telecommunications networks. Collaboration between the two worlds seems logical. And yet. … Bill Bozeman, president and CEO of PSA, says this will be tough, given the dynamics of the physical security market and the reluctance of that community to collaborate.

So, while I’m excited about the idea of tying the cyber and physical security worlds together, it will probably be way harder than we imagine. It’s great that someone like Tech Data is getting involved. Let’s hope they have the staying power necessary to get this thing off the ground.

Too much information!

Warning customers against posting personal data to the Web is one of the most important services VARs can provide.

Many in the business community are enamored of social networking sites and appear to feel that more is more when it comes to “sharing” their lives on LinkedIn, Facebook, Myspace, insert-your-favorite-social-site here.

The problem with that is  cyber miscreants lurk just waiting to pounce on these nuggets. Something as innocuous-seeming as college affiliation, job history, names of family and friends can be used by social engineers to craft e-mail messages that will suck you in. That simple click will then unleash threats on your very own hard drive. Executables embedded in Word or Excel or PDF attachments will search your data to harvest -and secretly send out– passwords, account numbers, and other riches.

This online information trove is like a “playground for hackers,” says Yacov Wrocherinsky, CEO of Infinity Info Systems, a New York Sage Software and Microsoft partner specializing in business applications.

And for high-net-worth (ie. rich) executives who are  likely targets, it’s important that their wives, kids, friends also be careful about what personal details they divulge.

The beauty of LinkedIn is members can see who their associates know. “It’s great for making connections or for finding people if you’ve lost their business cards,” Wrocherinsky says. But that doesn’t mean you should bare any more than is absolutely necessary.

And on the less-business oriented of the social networking sites, say Facebook, people tend to put in way too much information-birthdays, anniversaries, travel plans, kids names, etc. All of that is gold for social engineers with evil intent.

George Brown, CEO of  Database Solutions, a Cherry Hill, N.J. solution provider tells his customers to keep their data zipped and not to post anything they are not required to do by law . As it is now with SEC filings for public companies, a lot of information about execs is already out there. No need to supplement that for the bad guys, Brown says.

Barbara Darrow can be reached at bdarrow@techhtarget.com.  

Been prepping this week for a presentation I’m giving on behalf of my colleagues at channel consulting firm SWOT Management Group to Oki Data’s solution provider advisory council (full disclosure on where my head is right now). So thinking quite a bit about printing and imaging. I know: Probably not your usual fare here at SearchITChannel.com.

In my days as a reporter, printers were, quite frankly, a bit overlooked as a coverage area. That is, until marvelous inventions like Adobe PostScript promised to pull these peripherals squarely onto the network and into the workgroup realm. The latest wave of innovation began when features from the office equipment world began to creep over—management software, scanner support and the like. In reality, if you sit back and mull the technology over a bit, today’s printing and imaging segment is one of those practice areas that could be a very logical, practical extension to your existing infrastructure practices in storage, security and collaboration.

Let me explain.

First, some market statistics. Gartner reported fairly recently that U.S. shipments of printers and copiers declined 4 percent in the second quarter. That is, printer sales declined 15 percent, but purchases of flatbed multifunction peripherals (MFPs) grew 19 percent compared with the second quarter of 2006. The color-enabled portion of this market is growing at a rate of 29 percent year over year, according to another market researcher, IDC. A related area, document scanners, is also posting respectable growth. Here’s some thoughts from market research company InfoTrends on the role of scanners. The transition to digital fax machines, of course, started happening years ago.

In my opinion, there are several dynamics driving this growth: new forms of business collaboration, as illustrated by software platforms such as Microsoft SharePoint; compliance regulations that dictate better document management policies and strategies; and the rise of Web 2.0-related portals that have made the job of managing content in both electronic and printed forms a whole lot more onerous. Of course, price points for MFPs have simply made the investment in these devices more worth it.

So how does this relate to something like storage? Think of printing and imaging as the front-end to the document management and workflow applications that have been slowly finding their way into business continuity and back-up solutions. You could even tie together a start-to-finish managed service: one that starts with an MPF, links into the appropriate software and archives accordingly, as business conditions dictate.

Similarly, protecting these documents with some sort of digital signature or encryption methodology could be a concern of your data security practice.

The fact that there are really no “standard” ways of handling documents, that every company’s workflow and retention strategy is probably slightly different, that this entire process really could benefit from ongoing management and services . These things make a printing and imaging solution look a lot more like an infrastructure practice than a commodity PC sale. Have you been thinking about it that way?

It took Google a month to incorporate Postini’s security and compliance servers into its business apps. Google  completed its $625 million acquisition of Postini a security-as-a-service pioneer in September.

The higher-end Google Apps Premier Edition gets the Postini goods-configurable spam and virus filters, central management to set policy for content screening etc.

Premier Edition combines word processor, spreadsheet, instant messaging, email, calendar and Web creation tools for $50 per user per year including ten gigabytes of storage. Not bad.

When Google introduced the Premier version early this year, Postini, and Avaya, was one of its inaugural partners.

E-mail and collaboration VARs, many of whom built their businesses selling and supporting Microsoft Exchange, Lotus Domino, and open-source-oriented mail like Open-Xchange and Scalix, are watching Google’s moves carefully.

One mid-western VAR says Google is taking business away with one hand, but providing other business with the other.

RICIS, Tinley Park, Ill., has lost more than a dozen e-mail accounts to Google last year.  But, many of those customers retained his company do to services work anyway.  RICIS also sells the Google appliance, which aims to bring Google search inside company firewalls, and has found rich services opportunities working with the Google APIs to integrate the company’s services into the customers’ Web sites and applications

Gregory Rosenberg, CEO of RICIS, says he makes 54 percent margin on those services vs. 25 percent on the Google appliance. He even says he makes more margin on Google than he can on Microsoft software sales.

So, even though RICIS cannot resell Google apps, Rosenberg feels he’s doing better with Google in the mix than he would without it.

If you’re an e-mail or collaboration specialist, how do you view Google’s entry? Drop a line!

Barbara Darrow, a Boston-area journalist, can be reached at badarrow@comcast.net.

Symantec continued its services push today by boosting its managed security services (MSS) with bot protection.

MSS customers will receive the added protection free with their current subscriptions, which provide real-time monitoring and threat response. Symantec says its latest Internet Security Threat Report found, over a six-month period, more than 5 million computers infected with bots — programs that can spread malware from computer to computer and grant remote access to unauthorized users.

Much of Symantec’s focus lately has been on managed services and Software-as-a-Service (Saas). Its upcoming SaaS platform, Symantec Protection Network, was on the minds of many value-added resellers (VARs) at last month’s Partner Engage conference, where Symantec executives reassured them that the channel will play a big part in services. The first SaaS offering, Online Backup Service, is due later this year.

Symantec’s services push is an attempt to attract more small and medium-sized business (SMB) customers and also to keep its lead in the emerging Symantec vs. Microsoft security battle.

I saw a provocative presentation earlier this month by Dennis Hoffman, a senior vice president for RSA, the security division of EMC. Hoffman really brings a no-nonsense, solution-centric mindset to the whole security conversation, refreshing in someone who represents a product vendor and (understandably) is trying to sell more products. His thinking is even more refreshing when you consider that Hoffman gave this speech on behalf of a VAR (Network Computing Architects) to a bunch of said VAR’s customers. Talk about a readymade pitch opportunity.

Here’s how the argument goes. For a long time, the accepted practice for anyone addressing a security problem has been to look at creating some sort of boundary that keeps people who shouldn’t have access to information from being able to see it, steal it, use it, alter it or otherwise mess with it. Put up a wall, and keep the bad guys out!

Read more »

McAfee announced today a version of its management console designed to support most major security applications, and to allow third parties to write custom code to add special functions to McAfee’s existing framework.

McAfee describes ePolicy Orchestrator 4.0 (ePO) as a vendor-neutral product that has built-in administration and monitoring support for most other security vendors’ products as well as some custom solutions.

Using application programming interfaces (APIs) and software development kits (SDKs), McAfee’s value-added resellers and systems integrators can configure ePO to manage clients’ existing antispyware and antivirus software, host-based intrusion prevention system, network access control and data leak prevention with a single agent, said Kevin LeBlanc, McAfee’s director of product marketing. The console can also manage network security, email gateways, vulnerability scanning and virtual private networks (VPNs).

Read more »