Page 7 of 9
Blame it on TJX and Hannaford. While security policy compliance and auditing are still in their infancy as niche technologies, significant growth is expected as customers aim to avoid becoming the next data breach victim.
Across the board, partners said that compliance and auditing products and services have become increasingly important to customers as regulatory compliance deadlines loom and data breaches become an everyday occurrence in the headlines. About 40 percent of partners responding to the survey said compliance and auditing tools are one of the top products fueling sales, placing it sixth on the list of technologies currently offered by the channel.
And partners say that number could grow. Nearly 13 percent of partners surveyed said that they plan to add security compliance and auditing tools to their portfolio of offerings within the next 18 months, making it the second most popular technology area the channel plans to enter in the near future.
A possible reason for this upward growth trend in security compliance could be that more auditing tools are already baked into myriad security products.
"Most of this is being fueled by the appliances that are doing more integration with [Microsoft's] Active Directory. It's made it easier for us to be able to hook in everybody in the company," said Roy Miehe, CEO of AA Antivirus, a security VAR based in Campbell, Calif.
Miehe said that despite impending compliance deadlines, he hasn't seen a high interest in compliance tools from customers.
Other partners echoed the idea that demand for auditing and compliance tools has actually waned, despite the rash of data breaches in the headlines and the abundance of regulatory compliance deadlines—an assertion corroborated by the fact that just 11 percent said they view compliance and auditing as the fastest-growing technology area. And of the security products on the market, only 13 percent of partners say that security compliance and auditing are currently their most profitable offering.
One partner said that lag could be due, in part, to a growing awareness from customers who are already finding ways to meet their compliance objectives.
"A couple years ago, it was scaring a lot of people. The knowledge wasn't there, the deadlines were looming but they didn't know what compliance meant," said Eric Anderson, CTO of Netanium Network Security Inc., an information security consulting partner based in North Chelmsford, Mass. "They now know what their deadlines are. They know what they have to do to meet them. A lot of the craziness has subsided. There's not as much kneejerk."
Meanwhile, partners also maintain that the modest statistics could likely change in the near future as security threats become more sophisticated and target a wider array of market segments. "There's no doubt in my mind, the companies are going to have to start spending money," Miehe said. "The hackers out there, the virus writers and malware writers have gotten so good—they can sneak it through e-mail and an open port and get it to you."