As 2018 draws to a close, accumulating concerns around security continue to hamper customer progress with the enterprise still trapped in a cycle of inaction.
Bold in thinking, but lacking in execution, businesses remain challenged to protect core assets and information, nine months after the ink dried on the new Australian Notifiable Data Breach (NDB) scheme.
Within three weeks of the February roll-out, the Australian Government’s Office of Australian Information Commissioner (OAIC) received 31 breach notifications as security conversations dominated boardroom agendas.
Yet with 2019 closing in, such momentum is slowing as organisations revert to old habits.
“We see security again as the biggest market opportunity,” said Kelly Webb, sales director of MSS IT.
A simple statement perhaps, an obvious declaration maybe, but for MSS IT, a year of sizeable security change in Australia has created new demand for specialist services and expertise.
“With changes to the laws on data breach notification, compliance and advanced threat landscape constantly evolving it is becoming necessary for businesses to have a partner who can be their virtual security officer,” Webb explained.
“The days of just picking an anti-virus package and rolling it out are very much in the past. If you don’t have an internal team of people to look after the IT security of the enterprise, a trusted partner with a blend of products and services is essential to reduce the pain in keeping the business secure.”
According to Webb, the speed at which the laws were implemented earlier this year has created new levels of “accountability and responsibility” among businesses, generating enterprise “pain points” in the process.
“People are being picked to be the main compliance person and point of reference for all breaches in the enterprise,” Webb added. “Small to medium-sized businesses are also starting to ask more questions and look at products that can self audit 24 hours a day, seven days a week, 365 days of the year.
“When one of your chief concerns is making sure your business is as secure as you can hope to be - because nobody is airtight - you have to look at ways of doing that at the best possible ROI and that very often means a blend of products with an overlap.”
In assessing the changing security market, Webb said key challenges centre around the rise of ransomware and advanced threats, alongside data theft and increased whaling attacks to commit fraud.
Collectively, a security storm is brewing in Australia, with MSS IT well placed to capitalise on increased customer spend.
“We’re growing at a steady pace,” added Webb, citing over 20 per cent growth year-on-year. “We aim to continue that trend, which comes from a mixture of hiring the right people, retaining them and having exceptional vendors and distributors.
“But also, making sure we can deliver what we say we are going to deliver before signing a deal.”
Driven by a “future-minded” way of thinking, the managed service provider (MSP) works with both “mainstream and niche” vendors from a technology standpoint, with expertise spanning security, disaster recovery, cloud, connectivity and networking.
Wrapped up in a managed services offering, MSS IT works with key vendors such as Hewlett Packard Enterprise, HP and Sophos, in addition to VMware, Veeam and Palo Alto Networks.
“We are constantly reviewing our vendor spread and we try to keep it lean so we have fully trained engineering and sales capability in what we are proposing,” Webb said.
“That said, what we are also trying to do is more with the niche technology vendors who have something unique that delivers a specific outcome – whilst ensuring we invest in the training to deliver it. This can be a juggling act.”
In a direct message to the channel, Webb said vendors must “back the right partners for the right opportunity” to help move away from traditional supply chain practices.
“Vendors must co-invest in quality face-to-face training of people and provide regular product roadmaps,” Webb added. “Sales people simply don’t have the time spare to attend every webinar they are invited to.”
Specific to customer priorities, Webb said clients today want to “deliver more value” to the business through IT, but remain hindered by a lack of resources.
“Big data, analytics, catalogue of services and improved service level are all highly desirable to their internal customers but also keeping the lights on as well is not always possible,” Webb explained. “We aim to be the cavalry that supports them throughout that process and compliment and underpin what they do.”
Specific to the Internet of Things and data analytics, Webb said such emerging technologies are allowing enterprise customers to improve internal visibility levels, citing the presentation layer as “crucial”.
“It is absolutely necessary that they can interpret and react to all this new information to drive efficiency,” Webb said.
Leveraging industry expertise across local government, education, mining and construction and hospitality, MSS IT works with a wide range of customers, including the City of Mandurah, Jaxon Construction and The University of Western Australia.
“Cloud is still very much a hybrid mix particularly in Western Australia,” Webb added. “Customers are very much looking for ways to do things on other people’s equipment where possible, but not if it means a hit on performance or sovereignty issues.
“Security is now becoming a chief focus point for CIO’s as the data breach headlines have moved from page seven to the page one in the last 12 months.”
Collectively, Webb said the key challenges for businesses remain grounded in securing the enterprise, elasticity of compute services, speed of provision of development resources and delivering great customer service.
“Making sense of the ‘fog’ rather than the ‘cloud’ is a key consideration also,” added Webb. “Many executives want to see cloud computing being used in their organisation but it’s the journey to it, and clearly explaining to customers where it does and does not make sense to do so in their particular business.
“So many businesses still do not have disaster recovery plans in place and analysing the inherent risks of that and articulating a plan of remediation can be tricky.”