Brian Corrigan, ARN (BC): What security issues are customers talking about?
Robert Cipriani, Frontline Systems (RCi): Rather than talking about security at the point where you come through the router, customers are talking about adding patches to servers and vulnerabilities within applications. Traditional firewalls have gone and some vendors, such as Check Point, are struggling compared to where they were in the market five years ago. We are seeing more demand for appliance-type boxes from Cisco or NetScreen.
Glen Hastings, Indicium (GH): It's multi-faceted. There are the simple things like border security with firewalls and antivirus that we all know and love but then there's getting your house in order with things like access to information. We are seeing a shift to managed services and I would love it if Brightmail could be delivered in a software-as-a-service model as opposed to buying appliances, software and annual maintenance.
Mark Gluckman, Regal IT (MG): Most of our customers are pretty much around the data centre and the perimeters so the only reason they are getting any work done is because of upgrades or if they are looking at change within their business. The biggest concerns are around policy, identity management and mobility. Businesses want to make staff more productive but it brings a whole new area of management when, for example, Blackberrys are being left in the back of taxis. End-point management is becoming a greater issue as a growing number of people come onto the network from home or hotels overseas. How do you look after those devices and make sure there are no viruses on them? Another problem is the advent of applications like Instant Messaging and Skype.
Ross Cochrane, Express Data (RCo): As you scratch a customer you find more and more things that need to be addressed, despite all the legislation and investments that have already been made in policy and disaster recovery. People put things in annual reports about how secure they are but I think preparedness is very low right now in most organisations. They might have some good external protection but beyond that it's patchy. I don't think too many people are prepared to own up to it in the IT space but business people are talking about it in terms of risk. What we're hearing from our resellers is less about needing firewalls and more about security opportunities. I think we are still in the early days when you look at what has been done so far and what still needs to be done.
Stewart Sim, Websecure Technologies (SS): There is a very unhealthy complacency in the market because people have gone through the phase where they had outbreaks of viruses and looked at content filtering strategies. The issue now is that networks are changing and there is no clearly defined perimeter. One of the things organisations need to look at is containment zones within the network. The speed viruses move around the Internet means the strategy has to be more about containment and cleaning up rather than proactive protection. At a very high level, business owners don't understand the issues; many haven't suffered an outbreak for a long time and can't see why they will be a target when they are running a small bakery. The reality is that small businesses are the ones being targeted by phishing attacks. People are not even going to be aware it is happening. Everybody is running into this market but the value has to be articulated to the end user and that is a very difficult proposition.
Anton Vlainic, Allcom Networks (AV): Investment in security is always reactive so the easiest time to find an opportunity is when there has been an issue and you need to secure the environment because of a virus outbreak or whatever it was. Mobility is a big driver because businesses are allowing people to work from home on PCs that they don't own. This raises issues around providing secure remote access and ensuring those PCs are protected by a certain level of security.
Steven Boi, Dimension Data (SB): We are seeing two interesting trends. One is customers acknowledging the landscape is changing at such a rate that they have lost control of options, necessities and risks. From a consulting point of view that is creating great demand for helping clients understand what they are facing and what they should be doing. Our clients don't seem to be shy about investing the money when we present a sound business case back to them. The other trend is that customers don't want to manage the infrastructure when it's in place because their hands are full with managing core business and they realise they don't have the capacity or skill to do it properly. Our managed services business in the security space is driving very aggressively in a positive direction.