How To Harness Compliance To Boost And Differentiate Security Solutions

Solution providers should be highlighting compliance as a way to elevate their security offerings in an increasingly crowded market, Compliancy Group’s Paul Redding tells an audience of solution providers at XChange 2022.

Solution providers should be showing off their compliance certifications to elevate and differentiate their security offerings in an increasingly crowded market.

That’s according to Paul Redding, vice president of partner engagement and cybersecurity for Compliancy Group, a company that developed compliance tracking software for small- and midsize-business owners and solution providers.

Redding, himself a former owner of an MSP business, said that he fell into the trap of telling customers that he had better tools compared with his competition without providing any other differentiation.

“When I used to sell technology, I used to go in and say, ‘I’m a smart guy that’s bringing enterprise technology to the small-business sector. But I sounded like Charlie Brown’s teacher. The client doesn’t respect it, and they don’t understand it,” Redding told solution providers at CRN parent The Channel Company’s XChange 2022 event Monday.

[Related: Security Assessments Can Shift Clients From ‘Basic’ To ‘Advanced’ Security Stack]

Many solution provider serve health-care organizations, which are beholden to HIPAA regulations. But health care is broader than many realize, he said, as businesses that also serve or interact with health-care organizations, such as financial firms or manufacturers, are also subject to HIPAA rules.

“Why target health care? Because it’s 5 million small businesses that make up about 30 percent of the economy,” he said.

The health-care segment is also comprised of mostly privately held organizations that don’t have advanced security in place, and they need partners because hackers know that, Redding added. “It’s also the most attacked segment,” he said.

Compliancy Group’s product is called The Guard, HIPAA compliance software that gives partners what they need to achieve, illustrate and maintain compliance through assessments and employee trainings. The company is now working on offerings to address Payment Card Industry and Canada’s Protection of Personal Information Act with an offering for the European Union’s General Data Protection Regulations soon to follow, Redding said.

The Guard can validate partners and their end customers’ good faith effort that they are following HIPAA laws and issue a seal of compliance. “Think of it like QuickBooks for HIPAA,” he said.

DataNet Systems, an Austin, Texas-based solution provider serving up cloud and managed IT to small and midsize businesses, has “moved away” from the medical vertical but still has several health-care customers. The idea of using compliance as a way to further differentiate the business is “inspiring” to Kevin Keck, owner of DataNet Systems.

“I love that idea and being able to offer more than just HIPAA is what we’re trying to get into,” Keck said.

“If you have just one client on the HIPAA bus, you’re in health care too,” Redding told solution providers.