IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Making the transition from a reseller to a managed services provider

Garry Sidaway, SVP security strategy and alliances at NTT Security looks at how to make the jump between the two

Low angle view of chess pieces on a board with the sun behind them.

Cyber security is now hitting the consciousness of the majority of businesses. And, as more and more organisations embrace technologies to increase productivity and collaboration, a range of information security and risk management challenges are coming to the forefront. 

The focus now is for IT security providers to break down these barriers and deliver the necessary industry independence and separation to ensure that transparent information security enables organisations to embrace the changing business and social climate.  

VARs transferring from being a reseller to a services focused provider offering managed security solutions is absolutely key here. This requires a focus on the business issues and a holistic approach to technology along with a clear understanding of a resilient cyber defence architecture and the services to implement each aspect.

VARs typically have a narrow focus on a limited number of technologies where their expertise is deep but not broad. A services-focused company on the other hand has to make the transition to encompassing a broad and deep understanding of the business challenges just as much as the technologies.  

Here are a few essential steps for resellers shifting to service centricity:  

Security device management to services risk management

The key to transformation is to deliver solutions that deliver an actionable and holistic view of business risk. VARs need to grow and expand their offerings, and move away from limited technology decisions as well as the health and availability of a device. Most customers, for example, do not want alerts on the health of a router but they do care about the risk to the service. Essentially, customers want an end-to-end view of risk to their services and to their business. 

Well-defined managed and professional services

Resellers need to clearly define the services and practices that do not currently form part of their portfolio. These services should be global and cover all aspects of a resilient cyber defence architecture. Each should also provide repeatable business with either direct managed security services or blended services, mixing capabilities across the two service areas.

Resellers must also drive a customer centric approach by combining client facing functions. The service desk must combine separate functions to ensure an end-to-end service from procurement of the service or technology through to management and decommissioning. Finally, they should also implement business reports showing the value of the services and align to industry and compliance standards, ensuring the information provided enables the business to make informed decisions.  

Transformational agile business solutions

In order to provide transformational and agile services, VARs have to build a global brand that encompasses leading edge services with trusted advisors that not only their clients recognise but the industry too. Then, to expand and deliver against this model, an agreed methodology of delivery must be defined to deliver business value and a consistent engagement with clients.

In addition, they should also provide customised bespoke services that meet the changing demands of clients and respond quickly to market drivers that may be outside of information security, yet impact the overall business. Cloud and consumerisation are such drivers – these require engagement with the business as well as an agile approach to provide services that may not become mainstream.  

Essentially, service providers must give organisations access to:

  • Constant threat analysis and risk profiling
  • Greater security expertise
  • Faster user provisioning
  • Outsourcing of administrative tasks such as log management
  • A web interface that allows governance of the security environment and ongoing activities
  • Separation of duties through a strong governance model
  • Security architected into the solution and not bolted on
  • Strong authentication, access and authorisation services
  • Data and information management to meet existing and new regulations 

Finally, we are also witnessing continued acquisition and consolidation in the cyber security market and this speaks to the importance of cyber defences in the modern business world.

Providers focused on a narrow technology base will find themselves isolated and unable to compete. Information security is seen as a niche area and the continued pressure to find the appropriate skills is forcing businesses to look for specialised and focused partners who they trust to make the right business decisions for them in terms of risk management and cyber defence.

For the VARs, this means they must become a part of the future of security and risk management – being forward thinking and positioned for the major growth role they can play in tomorrow’s digital economy.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022
Malwarebytes hires new channel chief to lead MSP and partner network
Managed service provider (MSP)

Malwarebytes hires new channel chief to lead MSP and partner network

18 May 2022
Palo Alto and Deloitte to deliver managed security services in the US
Managed service provider (MSP)

Palo Alto and Deloitte to deliver managed security services in the US

17 May 2022
US and EU thrash out plans to avert chip production “subsidy race”
Hardware

US and EU thrash out plans to avert chip production “subsidy race”

17 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022