Current threats and initiatives represent real diversification opportunities for the dealer channel virtually everywhere.
As businesses and other organizations become more attuned to cybersecurity and other security related issues, some are turning to traditional imaging dealers for products, solutions, and services that help mitigate risks and protect assets and people.
While medical, government, and finance verticals have a vested interest in data security and represent lucrative target markets, SMBs can’t be overlooked any longer as they remain as much at risk, if not more so, than any large enterprise. Unlike an enterprise, which typically has the financial resources to overcome a ransomware attack, an SMB is more vulnerable.
A 2017 study commissioned by Malwarebytes, a maker of antivirus software, and conducted by Osterman Research, found that 22% of small businesses went out of business after a ransomware attack. For those who didn’t, the survey found that 15% lost revenue because their systems and data was locked by ransomware, while one in six companies experienced downtime in excess of 25 hours with some reporting their systems were down for more than 100 hours because of an attack.
Who better than a channel that specializes in selling and servicing SMBs to address their security concerns?
Brett Hunt, director, core software development with HP Inc., makes a case as to why dealers should lead with security.
“Security gives you a new, clear value proposition to share with the client and positions you as a trusted advisor that understands their issues,” said Hunt.
“Security is not an option, it’s an obligation,” added Hunt’s colleague, Ed Wingate, vice president and general manager at JetAdvantage Solutions. “This is the message we communicate to end users whether it’s a large enterprise or the mid-market that we reach through our channel partners.”
Securing the Network
Marco in St. Cloud, Minnesota, has seen its IT security offerings evolve from managed firewalls to multi-factor authentication, event correlation and management, device monitoring, baselining, third-party patching, and patch management. Interest has been driven by emerging industry standards and regulatory changes within the financial, healthcare, and energy markets over the past five years, as well as growing awareness around security in businesses of all sizes.
“Unfortunately, security is often retroactive when it really needs to be proactive,” emphasized Mike Burgard, Marco’s director of strategic operations.
Marco’s proactive approach to security involves educating its IT customers monthly about the latest security threats via five-minute videos””a standard component of Marco’s managed IT offerings.
With its ever-expanding national footprint, Marco has found it more effective to segment its data security offerings by vertical market rather than by geography.
For example, dedicated teams cater to financial and/or healthcare customers, who typically have different security needs than customers in non-regulated industries.
“We have engineers who get into the groove of understanding those [regulated] markets, which makes us more efficient in helping them maintain regulatory compliance,” said Burgard.
Dealers love the recurring revenue model and that model jibes well with security offerings in the managed services segment. Here, one finds recurring revenue around multi-factor authentication, device monitoring, and event correlation and management. Under the recurring model, pricing is often per user because, as Burgard explained, it’s easier for customers to understand, track, manage, and maintain, and it’s easier for Marco to do the same.
Other pricing models are based on the amount of data, the size of the data, or the number of end points.
Standard Time
Remember CBS’ “60 Minutes” segment in 2010 about data discovered on hard drives of discarded MFPs? That story spurred the imaging industry into action, with OEMs moving to encrypt hard drives, overwrite, and implement other methods to protect end-user information while they still own the MFP and at the end of the lease, all which have since become commonplace across the industry.
As security within the device becomes commonplace and increasingly sophisticated, OEMs are considering the impact on the end customer as they develop new security solutions.
“When you implement a security solution it has to be done in a way that limits disruption to the workflow within the office,” maintained Kristen Goldberg, director marketing and product planning, Canon U.S.A. “You don’t want to implement a solution that will hinder your workflow and your day-to-day operation.”
Canon’s approach to security is twofold. First, developing technology where securing information is the underlying focus.
“At Canon, we don’t think security is an option,” said Goldberg. “It has to be built into the technology of the device.”
For example, the current Canon imageRUNNER Advance platform is equipped with a host of standard security features around device-based authentication, access control, and data, network, and document security. Those features are consistent across the platform so end users needn’t be concerned about different devices and departments within the organization having different levels of security.
Second, Canon’s mission is to integrate with the organization’s existing infrastructure and security policies to monitor activities.
“The MFP is only one component of their infrastructure that [customers] need to monitor,” said Goldberg. “We want to build technology that doesn’t disrupt but easily speaks to and integrates with [a user’s] existing system. Ultimately, our goal is to support our dealers and customers to build and configure systems and implement solutions that create an environment to help promote information security in a way that’s seamless and transparent to their normal business operations.”
Toshiba America Business Solutions (TABS) isn’t shy about touting its security initiatives either. As with other OEMs, Toshiba offers a host of security features standard, specifically around access to the device and securing the documents that are printed, copied, or scanned.
According to Joe Contreras, vice president product and solutions marketing at Toshiba America Business Solutions, security offers dealers a compelling talk track when meeting with customers and prospects, even those who are not proactively seeking security solutions.
“It’s about making customers aware,” he said. “That conversation is happening more frequently and is one of the things dealer sales reps have to talk about to show they’re in the game.”
Contreras is on the same page as his peers in acknowledging that security is no longer an option, which is why so many security features are now standard, as well as options that further enhance security around the device and the document such as document output management solutions from the likes of Papercut, for example.
“The add-ons come in to play with software like secure document management or workflow, or the secure output management that gives you the flexibility to [provide security] across multiple devices,” he said. “That’s where incremental costs come into play and with [these] value-added solutions, a dealer can turn security into a revenue opportunity.”
Security in the Cloud
Canon’s focus on security extends beyond the device into its software and solutions business.
“Imaging is part of our core business and security has always been a byproduct of that, whether it’s information coming or going into the device,” noted Mike Betsko, director, solution sales and marketing at Canon.
Betsko sees the cloud becoming a key focal point for Canon as its adoption rate continues to rise. That adds another dynamic to security and information management because now one has to demystify the challenges of having their data secure outside one’s physical environment. Toward that end, Canon has taken its flagship solutions such as Uniflow and Therefore and rebuilt them from the ground up to better fit into a private cloud infrastructure and secured those with the Microsoft Azure platform.
In addition, Canon is working with alliance partners who specialize in cloud solutions. One of those is Box, a cloud content management platform. Canon also has an exclusive relationship with mxHero, a cloud-based email storage solution that provides email security, particularly for organizations that send and receive sensitive attachments with their emails.
Betsko views Box and mxHero, which are cloud-based and subscription-based offerings as natural extensions for the dealer, allowing them to sell more than just a box while solidifying their relationships with their customers.
Risky Business of Hard Copy Documents
With all the emphasis on digital security, Stacey Leidwinger, vice president of product, Imaging Division, at Nuance Document Imaging, is determined not to let anyone forget that hard copy documents should still be included in the security discussion.
“People are spending a lot of time and money locking down their digital assets and they’ve completely forgotten about what’s printed,” emphasized Leidwinger. “It’s still an afterthought and what we’re seeing is that afterthought is no longer acceptable.”
She cites various studies that support her comments, including a survey that found, on average, 24% of office workers have left printed documents that could potentially contain sensitive information sitting in a printer or an MFP’s output tray.
But does this really matter?
“Yes, because violations and fines are hitting some of those breaches,” responded Leidwinger.
“Massachusetts General Hospital was fined over $1 million because they had patient records in the printer tray during an audit.”
What’s key, in her opinion, is for dealers to change the conversation.
“It’s not just about print savings and efficiency savings around workflow,” said Leidwinger. “It’s around compliance needs, preventing the next security audit or risk, as well as making sure you’re reducing the overall risk in the organization.”
Raising the Bar
No company has done more to raise awareness around data security of late than HP Inc., particularly with its series of “Wolf” videos featuring the actor Christian Slater.
When we spoke with HP in December, the company was beta testing a security tool called Quick Assess. This free software can be installed on a customer’s network to evaluate up to 58 HP devices against HP’s recommended “Essential Security Configuration” policy. The purpose, according to Hunt is to demonstrate the importance of setting and maintaining specific security configurations on the device, in addition to embedded protections such as whitelisting. HP has identified 15 settings that are most critical, such as shutting down ports and protocols not being used. The tool also provides partners with a list of which devices have the latest protections, which need a firmware upgrade, and which are targets for a hardware refresh.
HP has also developed a Print Security Sales Action Plan to educate channel partners about security and to build upon the learning from the security certification training.
“The idea is to take the expertise you gained and translate that into a step-by-step guide focused on incremental sales across hardware, sales, and professional services,” explained Hunt.
Another initiative is HP’s SMB Print Security Assessment, an online security questionnaire for evaluating a customer’s overall security environment, not just around print, and providing recommendations to alleviate risks. The intent is to simplify the discussion around security.
“Partners say these tools allow them to have a conversation with their clients and prospective clients outside the normal product refresh cycle, so it’s an opportunity to interrupt that normal cycle with a consultative sales motion,” noted Hunt. “It also drives the conversation beyond price, provides an opportunity to sell high-margin security services, and positions the dealership as an innovator and trusted advisor.”
More Than a Trend
There is no rest for the leery when it comes to security. No matter what aspect of security we’re discussing””device, network, or physical””the challenge is staying one step ahead of the threats. And for dealers still looking at ways to diversify, security is one solution.
“Security is the next wave,” observed Canon’s Betsko.
He compares what’s happening in the security realm to the analog-to-digital transition and connecting devices to the network, two developments that dealers would eventually conquer.
“Dealers didn’t have those skill sets [initially], it took a while,” he recalled. “Fast forward 10 years, pretty much everybody had a mastery of that part of the business. And then in the next wave, the software part of the business [emerged]. And you had to build a mastery there. Fast-forward to today and security-as-a-service is the next wave that dealers are faced with. There’s no doubt in my mind that they will conquer that as well.”
Security’s Impact on Software Development
The software industry continues to step up in the wake of all these cyberthreats. It doesn’t matter what segment of the software space we’re talking about, whether it’s print management, document management, ECM, or even software for the production print space, security has moved to the forefront of product development.
Take Rochester Software Associates (RSA), for example. Customers and prospects are asking them to run security audits against its various software offerings to look for vulnerabilities. According to Tim Kelly, senior vice president, requests for security audits have exploded during the past two years. Many are coming from in-plants and financial, insurance, and healthcare institutions. RSA now runs these audits all the time to mitigate access points.
“More customers are asking about it and it’s not uncommon in a competitive situation that we’ve found we’re the last one standing because we’ve invested so much into security,” revealed Kelly.
Running security audits is a time-consuming and costly process, which is why not every software vendor does it.
Nuance, with its many document capture and document tracking and management products, touts the value of its security options tied to hard copy documents. Stacey Leidwinger, vice president products, Imaging Division at Nuance, reported the company closely monitors what’s happening in the market and what new capabilities to bring to market to offset these challenges.
“When we look at features, it’s that balance of driving productivity while providing [adequate] security,” said Leidwinger. “It’s easy to lock things down, but you can’t impede business. It’s that balance we’re trying to strike as we think through some of our new product offerings and what we can bring to the market, not only around print and capture but also when we think about some of the document transformation we can do with our OCR engine and that redaction capability in PDFs and integrating PDF workflows with our capture workflows, which are becoming even more critical.”
She noted Nuance’s dealers and customers will see a heavier security emphasis around the entire portfolio, not just from a sales perspective but also from an integration perspective because security needs to be ingrained in an end-to-end process.
Access Related Content
Visit the www.thecannatareport.com. To become a subscriber, visit www.thecannatareport.com/register or contact cjcannata@cannatareport.com directly. Bulk subscription rates are also available.
