Spectre And Meltdown: Rating The Vendors


There are a lot of lessons to be learned from the Spectre and Meltdown vulnerabilities, which sent trusted adviser channel partners into SWAT team mode to protect customers.

Channel support -- including technical resources and patching assistance -- backed up by strong partner communication is important in the best of times. But when you have the specter (pardon the pun) of threats like these they become the difference between customer satisfaction and customer chaos.

With that in mind, CRN polled its Channel Intelligence Council -- a panel of top North American solution providers -- on the financial impact of exploit remediation as well as how the top vendors in every segment of the market fared with regard to technical, patching, support services and partner communication. The vendors were rated on a scale of 1 to 5, with 1 rated as poor and 5 rated as excellent.

As with any IT crisis, the channel is the first line of defense. In this case, solution providers estimate that on average they have spent 637 man hours helping customers shut down the exploits. That comes at a price, with 46 percent expecting to absorb the costs of the mitigation themselves. In fact, some expect the threat mitigation effort to increase their sales, general and administrative expenses by as much as 15 percent.

Sponsored post

As for the vendor rankings, Google -- whose security researcher discovered the flaws and alerted Intel to the problem -- had the highest mean rating among vendors when CRN asked solution providers to rate vendors on how well they have responded to the Spectre and Meltdown threats. Google, of course, also led the cloud vendors with a mean score of 3.73, well ahead of Microsoft with its Azure platform with a mean score of 3.59 and Amazon Web Services with 3.46. For Google, which is staking out the enterprise high ground in the public cloud battle, the results are a major victory. For AWS, which is growing at a mind-boggling pace, the results show the company needs to double down on partner support, resources and communications.

In the hardware category, Cisco had the highest mean score at 3.66, followed by IBM at 3.58, HPE at 3.57 and Dell EMC at 3.56. At the bottom of the list were Apple with a 3.47 rating and NetApp with a 3.28 rating. On the operating system front, meanwhile, Red Hat, with its Linux-based support and assistance, bested Microsoft with a 3.72 mean rating compared with Microsoft's 3.66.

As for Intel, which is taking a leadership role coordinating an industry-wide response to the two vulnerabilities, the company bested AMD and ARM in the processor category with its response. Intel had a mean rating of 3.45 compared with 3.43 for AMD and 3.27 for ARM.

For my money, the big takeaway from the Spectre and Meltdown research is the need for all vendors to build strong teams with top-notch technical, support and communications specifically focused on partners. The vendors that make those investments are sure to be rewarded with high customer satisfaction scores in good times or bad times. Those that don't are destined for their own meltdown.

BACKTALK: What do you think of the response to Spectre and Meltdown? Contact at Steven Burke at [email protected].