Securing the channel

Investment in IT security is going through the roof and software vendors are lining up to take their share of the spending kitty. With many vendors now taking aim at the midmarket and SMB segment, channel strategy has become a top priority

  • E-Mail
By  Stuart Wilson Published  November 29, 2004

Security boom|~|Isaac,-Kevin-----SYMANTEC--.gif|~|Kevin Isaac, regional director Middle East and Africa (MEA) at Symantec|~|The security software market is booming across the Middle East. Security software has come a long way from bundling an anti-virus package with a desktop. Yes that market still exists but it has become highly commoditised. Today, the real action is in emerging sectors such as firewalls and VPN, as well as intrusion detection and prevention systems. And let's not forget the security 3A segment encompassing authentication, authorisation and administration solutions (sometimes referred to as identity management). Vendors are working overtime to develop brand awareness and construct channels that offer a comprehensive route-to-market covering all the target customer segments. Security software is a hot topic in the Middle East channel. The scope of solutions is increasing and their appeal cuts across all customer verticals and serves everyone from the home user right through to the largest enterprise. Against this backdrop it is little wonder that security software vendors are flocking to the Middle East en masse. Major vendors in the market reckon that customers and channel partners should make sure they are dealing with a reputable vendor that has a genuine long-term commitment to the region. “There is a lot of snake oil available in the market that actually has very little substance,” explains Kevin Isaac, regional director Middle East and Africa (MEA) at Symantec. “We see many companies bringing products to market but there are questions over their commitment. Customers would be better served to work through their security issues with a few key vendors on a long-term basis.” Security software is evolving constantly and this is something that customers and channel partners must bear in mind. As the level and nature of threats change, so too must the software that is charged with protecting the company’s IT infrastructure — the gateway to an organisation’s information assets. While responsible vendors and channel partners shy away from selling security software through fear tactics, all are keen to impress on customers the fundamental importance of the solutions they are peddling. “We are talking about a company’s information here,” continues Isaac. “That is the most important asset apart from the people. Despite this, some companies continue to try and scrimp and save and act like penny pinchers. Symantec has walked away from deals because customers keep asking for an extra discount. We cannot give these discounts because we want to deliver excellence. Customers need to appreciate the value of the solution, not just the price.” Symantec and Trend Micro are the major players in the Middle East security software space at present picking up between 65% and 70% of the total addressable market available to them, according to Justin Doo, managing director at Trend Micro MEA. “In Europe and the Middle East, Symantec is our main competitor in the anti-virus space,” explains Doo. “We are chasing similar business but have different policies on how we get there. Trend Micro is staying very much best of breed in terms of the technology while Symantec is pursuing more of a broadline one-stop-shop approach. Each one is a valid position. Symantec is the biggest thorn in our side but I would like to think we are the biggest thorn in their side as well.” The case for security software certainly adds up for channel players looking for new avenues of revenue growth and improved profitability. Figures from IDC claimed that the market for security software in the Gulf States (Saudi Arabia, Bahrain, UAE, Qatar, Kuwait and Oman) was worth a tasty US$52.6m in 2003. With an annual growth rate in excess of 20%, IDC reckons that the segment will be worth some US$145m in 2008. Resellers want a piece of this growing pie with some 50% of channel partners polled by Channel Middle East indicating that they wanted to start selling security software, in addition to the 28.6% that already push these products. ||**||Channel investment|~|Justin-Doo.gif|~|Justin Doo, managing director at Trend Micro MEA|~|Demand from end users and intense channel interest in selling security software is persuading vendors to invest heavily in the region. Besides Symantec and Trend Micro, McAfee and Computer Associates are coming up fast. Newcomers such as NOD32, which uses Cyprus-based ADAOX as its channel development partner for the Middle East, cannot be ignored. CyberGuard has also opened a regional office and is poised to admit Emitac — already a strong Symantec partner — to its regional channel programme. Alongside the product portfolio, the attractiveness of the various channel programmes on offer remains a major differentiator between security software vendors. McAfee recently fleshed out its product portfolio to extend beyond the anti-virus space and is currently rolling out a sophisticated channel programme targeting large enterprise, midmarket and SMB partners. Peter Kwisthout, UAE territory manager at McAfee, says: “Honestly speaking, we arrived a little bit late in this region and now have some catch-up to do. We are now executing our strategy very rapidly and know that our historic strength in the corporate space can be replicated in the midmarket and SMB segments with the appropriate partners on board.” Computer Associates recently invigorated its Middle East management team with a slew of new appointments and is already working hard to build up an indirect channel-to-market that will allow it to develop sales of its security solutions. While major vendors are expanding their security product portfolio to incorporate gateways, firewalls and intrusion prevention and detection solutions, NOD32 is positioning itself as a pure anti-virus vendor. “Partners need to find products that differentiate themselves from the competition,” explains Neo Nephytou, director at ADAOX. “NOD32 is the new kid on the block with some excellent performance standards. Our number one objective today is not to displace other anti-virus vendors, but to recruit partners across the region and ensure product availability.” “Having said that NOD32 has managed to replace some established vendors after we deployed an evaluation copy that picked up a number of Trojans that the existing anti-virus solution missed,” he added. Vendors are acutely aware that to cover the entire potential market they require a structured channel programme that reaches out to all customer segments. Typically, this involves building a one-tier channel with enterprise and high-end midmarket partners and using regional value-added distributors (VADs) to drive support and sales through the volume channel into the SMB, SOHO and end-user segments. “McAfee has two VADs: Mindware and Aptec,” explains Kwisthout. “In the volume side of the business these two companies provide payment facilities, logistics and ensure that orders are placed properly. Volume products can cover licences and even entry-level appliances. VADs also have a project management role to play when it comes to solution selling in areas such as intrusion prevention, risk vulnerability assessment and high-end gateway solutions. When a partner asks for help on a complex project or demonstration units, VADs ensure the support is there.” It is a view shared by Vikram Suri, country manager Southern Gulf and Levant at Symantec: “Aptec plays a vital role as a VAD for Symantec. It is not just a case of them assisiting partners with prices and proposals, but it is also about them educating the channel on the products, the strategy and is some cases providing first level pre-sales assistance.” ||**||Value-add focus|~|Neo-NOD32W.gif|~|Neo Nephytou, director at ADAOX|~|As certain sectors of the security software market continue to commoditise, vendors are starting to scrutinise their VADs ability to genuinely add value, especially if the second tier resellers are attempting to do the same. “I have a distribution partner who is termed value-add, but if I am being honest, and no disrespect to them, I don’t know how much room there is for both a VAD and a value-added channel,” confesses Doo. “I’m moving more towards a mind where distribution focuses on pure fulfillment and logistics and the value-add comes from the channel. Security products need to be proactively positioned, sold and installed and that really comes from the value-added resellers.” For VADs, the secret is to stay ahead of the curve and understand where they should employ their volume skills and where that should employ their value skills. The difficult part is knowing how and when to switch a product being distributed as a value play to a volume play. With so many vendors chasing the various strands of the security software market, competent resellers with a decent customer base are in demand. This has created a position whereby vendors have to put a decent partner proposition on the table in order to stand a chance of recruiting the channel they crave. Positioning the offering in a relevant manner is a critical channel skill. “If you are talking to the finance director at a reseller, it is all about margin and how many extra points we can give,” says Doo. “If you talk to support it requires explanation of how the product goes in easily, rarely requires assistance and has a low service requirement. Sales guys want a product that is not being sold by too many partners.” “Trust and transparency are vital between the vendor and the partners,” explains Suri. “Back-end rebate schemes can work very well but you need to be sure that partners are not eroding their normal profit levels and using the rebates to subsidise their margins.” Trend Micro has spent several months building up its Middle East SMB channel and now has some 60 resellers signed on with another 100 in the pipeline for evaluation. Getting enough resellers to cover the market without creating internal channel conflict remains a challenge. “There is a fine line between having too few resellers and having too many,” admits Doo. “I base it on channel disturbance. When I start getting feedback from partners saying there’s a reseller giving away his margin to steal business, I know the channel is losing its value-add.” Once vendors have perfected their channel pitch, they then need to ensure that is being heard by partners across the Middle East and not just picking out the low hanging reseller fruit in markets such as the UAE where channel building is a comparatively simple task. McAfee wants at least one ElitePartner — its top-level channel classification — per country in the Middle East. The vendor also believes that strong local support is an imperative and is looking to put staff in Riyadh and Jeddah to bulk up its offering in Saudi Arabia. Building up its presence in the Kingdom is also one of Symantec’s top three priorities for the year ahead. “Being able to resource Saudi Arabia in the current climate is a major task for Symantec,” says Isaac. “We need to accept that customers and partners in the Kingdom need local support and that it is difficult for us to provide this as a global company. Everyone dances around this issue, but we need to face it and help meet the needs of partners and customers.” ||**||Reseller knowledge|~|Suri,-Vikram-----SYMANTEC--.gif|~|Vikram Suri, country manager Southern Gulf and Levant at Symantec|~|Partner training is another top priority for Symantec with end user education on the major issues they are likely to encounter in the IT security space also ranking high on the agenda. For all security software vendors, the message to customers is clear: security software is vital to information security and should be viewed as a strategic business investment. Increasingly, this means bypassing the IT department and pitching products to executives based on the business benefits solutions deliver as opposed to their technical prowess. “Customers need to understand that being partially secure is as good as being not secure at all,” adds Kwisthout. “The amount of attacks is increasing, the speed of propagation is climbing exponentially and the sophistication level is extremely high.” Security software offers resellers the opportunity to become trusted suppliers to their customer base. The point that needs to be stressed is that IT security is categorically not a one-off point sale for resellers. Customers want partners that can advise them and help to evolve their security systems as new threats develop. Not every reseller is cut out for that type of relationship according to Doo: “It depends on the mindset of the reseller and the individual salesperson. You have ‘hunters’ that are great at kicking down doors but terrible at maintaining business relationships. Others could be ‘farmers’ capable of growing relationships and managing accounts but slower at closing new business than the ‘hunters’. We like to work with ‘farmers’ but in the SMB space it needs to be a fairly rapid transaction.” IT security now encompasses software, hardware and services. Pretty much every solution being offered to customers can have an IT security component incorporated into it. That means resellers selling hardware into the SMB sector have the potential to upsell security and carve out a new business niche. The boundary between security hardware and software is blurring with vendors now producing gateway devices that sit on the network. New channel opportunities are springing up daily. A new breed of partners delivering security solutions as a managed service is also required. Some resellers have started to make the transition already, but major vendors are adamant that there is room for many more to realise the untapped potential that already exists within their business model to add security solutions. This opportunity involves much more than adding a few extra products to the portfolio. Moving into security software can radically redefine customers’ perception of their supplier. If a reseller is supplying printers and PCs the only real differentiator is price. Customers perceive little value-add and will happily chop and change their supplier if it means a cheaper deal. Security software gives resellers the opportunity to turn themselves into trusted suppliers to their customers. Those that develop the potential to consult, explain how the solutions are evolving and provide genuine value-added services are laying the foundations for long-term business relationships. Security software is not for everyone. But those channel players that refuse pointblank to even consider this market segment may live to rue their shortsightedness in years to come. ||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code