Microsoft's Security Woes A Boon To Channel

As hackers and virus writers escalate their assault on Windows, solution providers, systems integrators and security consultants are the main beneficiaries of an increasing amount of services dollars companies are forking over to fight viruses and prevent network intrusions.

"Until you get hacked or until you get a worm or something that affects your company, [companies] don't think about putting funding to security," said Pat Grillo, president and CEO of Atrion Communications Resources, Branchburg, N.J. "We may be looking like we are losing the war, [but] it is a good thing, because it's going to actually free up the funds we need to do the job to start winning the war."

Spending on security services in North America is expected to hike to $6.3 billion in 2004, an increase of $1 billion from this year, according to Gartner. By 2006, the market-research firm expects security spending to reach $9 billion.

The outbreak of the MSBlast and SoBig.F viruses this summer was the proverbial last straw for many of Microsoft's enterprise customers. According to mi2G, a London-based security firm, SoBig.F was one of the most damaging viruses ever, causing about $35 billion in financial damage worldwide.

Microsoft recently revealed a plan to provide an enhanced, no-cost patch management service and new safety and application scanning features in Windows XP and Windows Server 2003 updates in 2004. But until those plans move from vaporware to reality, VARs can solidify their role as trusted advisers and dig deeper into customers' business processes, observers say.

"Vulnerabilities in Windows have been great for systems integrators and partners, who can show lots of value-add in deploying Windows securely," said John Pescatore, a vice president at Gartner. "If something goes wrong, generally they can blame Microsoft or the enterprise for not keeping up with patches."

Partners acknowledge that the crisis has generated additional services revenue, but the cleanup is time-consuming.

"We have been working overtime to resolve issues for our clients," said Scott Urbatsch, security specialist and engineer at Polar Systems, a Microsoft and Novell solution provider in Portland, Ore. "We are getting tired of the continual [Windows security] breaches,but we have been doing good business keeping on top of these various issues."

Eliot Sennet, president of ESI Enterprises, Newton, Mass., said his company is now deploying server update services to all its clients, which will ultimately reduce labor, but will take an average of about eight hours per client to deploy. "All our time for these services is billable, and legitimately so," he said.

Large systems integrators and services firms such as ASAP Software and Avanade are also seeing their security practices grow. One area customers are particularly interested in is server interrogation services, said Roger Moffat, senior director of product marketing at ASAP Software, Buffalo Grove, Ill.

Channel partners also see new opportunities and programs with vendors and third-party security ISVs including NetScreen Technologies, Check Point Software Technologies, Secure Computing, nCipher, SonicWall and Shavlik Technologies.

ITSynergy, a Microsoft solution provider, said the climate is ripe to upgrade customers to Windows Server 2003, Exchange 2003 and Outlook 2003, which have better protection features. "As far as how these [attacks] affect customers, the results are clear and easy to observe. It costs them money," said Michael Cocanower, president of Phoenix-based ITSynergy, noting that the damage is unavoidable because unprotected users are infecting secure sites. "Many of our customers have paid us for services over the past several weeks that they would have not had to pay for absent MSBlast."

Going forward, as Microsoft turns the Windows XP firewall on by default and shuts off other features, customers will increasingly rely on solution providers to help them select which features to turn on and off and which ports to keep open, observers add.

One security consultant advised solution providers to use the current climate to get deeper into their customers' software stack. "The crisis is both a burden and a benefit for solution providers," said Adam Lipson, president and CEO of Network & Security Technologies, a consulting firm in Pearl River, N.Y. "It's an opportunity for them to make money but, ultimately, solution providers are judged on their ability to help customers. It's an opportunity for them to get closer to their customers and understand their business better."

But the crisis has also opened up new avenues for Linux solution providers and those selling thin clients, observers note. The last round of Blaster-type vulnerabilities, for example, has slowed enterprise willingness to migrate to the Windows server and expose Active Directory on the extranet, they say.

"Our clients are using Linux as an e-mail filter/firewall for vulnerable Windows machines," said Chris Maresca, president of Olliance Group, Palo Alto, Calif. "There is a large and ongoing interest in replacing Windows altogether because of security issues."