… organizations looking to automate a growing number of security processes, and that will be another opportunity for partners to provide value — namely by hand-holding customers on the road to security automation.”
|The CSP Opportunity: Modern cloud service and security providers are part ISP, part MSP, part consultant — and very profitable. Our half-day workshop will teach you the technical, security and business strategies to succeed in this lucrative market. Check out our speaker lineup!|
Under the CSP program, Sophos partners can gain the expertise to help customers secure their cloud workloads, critical since it’s a dangerous mistake to think that deploying a service in the cloud moves liability to the provider. Under the Microsoft and Amazon shared-responsibility models, the customer remains accountable for securing the virtual machine, OS, application and data, as well as firewalls, encryption and access management. Sophos will work with CSP partners to sort out what they need to focus on. It will also help maximize revenues from bring-your-own-license (BYOL) deployment options, where customers shift existing Sophos UTM licenses into the AWS or Azure cloud. Customers may also use a pay-as-you-go model.
“To ensure we are protecting partners that are in the Cloud Security Provider program referring customers to marketplace, we automatically give BYOL deal registration for to them in case the customer wants to move to BYOL,” says Krause.
Additional Cloud Security Provider benefits include increased partner margins through rebates when customers buy Sophos products that are available in the Azure and AWS cloud marketplaces; sales and pipeline lead generation from Sophos; free and pay-as-you-go product trials; training and support from Sophos Security Architects who specialize in cloud security and migration; and enhanced lead sharing for partners certified at the Expert level based on these partners’ ability to provide pre- and post-sales support as customers deploy, run and manage applications in Azure or AWS.
While the Sophos program seems designed with parthers in mind, that’s not always the case.
“You’re going to see some cautionary tales,” says GlobalData’s Parizo. “Palo Alto Networks, for instance, announced its GlobalProtect cloud service earlier this year, but offered very little detail on how it’s enabling partners to succeed with it.” He says partners need to scrutinize the enablement angle of emerging cloud-based security solutions.
“Security vendors will inhibit their own success if they don’t have those programs at least partially baked out as they introduce the new cloud-based offerings to the market,” he says.
At least one partner is on record saying Sophos has done its enablement homework.
“The new specialized training, certification and revenue return is all channel-focused,” said Kevin Clements, chief technology officer at Sophos partner SHI International. “Sophos has succeeded in striking the right balance of advancing security into the public cloud and making channel partners a priority.”
Krause says that focus is by design: Sophos has “a select group of partners” that helped design this program, and all of them will join immediately.
“We expect a steady growth over time as more partners expand their service offerings into the public cloud,” she says. “Gartner predicts that by 2020, a corporate ‘no cloud’ policy will be as rare as a ‘no internet’ policy is today. As all of these customers move their infrastructures to the public cloud, our partners will need to help ensure that they are secure.”