The growing drumbeat of charges that the Trump campaign colluded with Russia aren’t helping Kaspersky Lab, which faces ongoing allegations that it’s complicit with Kremlin foreign intelligence and espionage operations (see Larry Walsh’s take on that here).
A new round of publicity from Bloomberg this week, along with confirmation Tuesday to Politico that the General Services Administration has removed Kaspersky from the approved list of vendors for two government-wide purchasing contracts, added fuel and pushed the controversy into the mainstream media. A fairly sensationalized report by ABC, complete with a sweeping drone’s eye view of the company’s U.S. headquarters and a shot of CEO Eugene Kaspersky standing near Vladimir Putin, may well have caught customers’ attention.
Kaspersky strongly denies any wrongdoing, saying that “Kaspersky Lab, and its executives, do not have inappropriate ties with any government.”
How should you respond if asked about the matter?
First, note that Kaspersky Lab has technology partnering agreements with more than 120 providers, including AWS, Cisco, Juniper, Microsoft and dozens of security firms that license the antivirus SDK. It’s not a simple matter of swapping in a new AV system.
From a purely technology perspective, Kaspersky products have historically performed well in terms of endpoint antimalware efficacy and have been used around the world for years with few issues.
“I advise resellers to stay the course,” says Eric Parizo, senior analyst focusing on enterprise security with analysis firm GlobalData. “Eugene Kaspersky simply could not have built and sustained such a successful company, and one highly regarded within the global cybersecurity community, by serving as a close ally of the Russian government.”
Parizo advises partners to remind customers that the caliber of the products, and the employees making and supporting them, remain unchanged despite the negative publicity.
“The Kaspersky GSA delisting is an overreaction caused by a Washington government and media landscape that is hyperfocused on any individual or entity with ties to Russia,” he adds.
Platte River Networks saw a similar politically motivated uproar earlier this year.
Kaspersky is moving ahead with product news. This week it released a new version of its Endpoint Security Cloud, a multi-tenant console for partners and MSPs overseeing customer cloud infrastructures remotely. The new release includes support for Macs and additional automation and management capabilities. Customers who still think Macs are immune to malware are wrong; last year, Kaspersky Lab detected 11.8 million attacks, including MacOS-specific malware, OS-agnostic phishing and man-in-the-middle attacks that affect Apple users. For MSPs, there’s improved billing and reporting and integration with ConnectWise’s Manage and Automate tools.
This month Kaspersky also released a free open-source forensic tool, BitScout, that investigators can use to remotely collect evidence. It allows for full-disk-image acquisition, even with untrained staff, and provides other useful functions, like remote AV scanning and remediation of offline systems and network nodes.
Still, the drumbeat of criticism raises the question of how partners handle it when bad PR around suppliers reaches customers.
The No. 1 piece of advice from channel leaders: Don’t rush into a decision to weaken or break ties with a longtime supplier over what may end up being a short-term distraction. If the provider has good products, a profitable channel program with strong enablement tools and isn’t competing with a direct sales force, see how it handles the PR storm.
What to watch for:
Partners build customer relationships by solving problems, so Parizo suggests keeping an eye on the long-term findings while making the best of the situation.
“If anything, the short-term business disruption for Kaspersky presents an opportunity to potentially negotiate discounted licensing additions or renewals that customers should not hesitate to take advantage of,” he says.
The California Public Utilities Commission's statutory deadline is July 12. dlvr.it/RNsbY7
January 27 2020 @ 23:00:02 UTC