ChannelTrends: Are Your Customers Properly Protected on Cyber Monday?

On the Monday after Thanksgiving, also known as Cyber Monday, online retailers offer deep discounts to attract customers. The number of online transactions completed today may not top the brick-and-mortar retail sales of Black Friday, but that gap continues to close with each passing year. A growing number of consumers are choosing the Internet over the annual trek to the mall, preferring the comfort of shopping from their own home or office over the hustle and bustle of the mall and other stores. According to the digital analytics organization comStore, American consumers will click their way to more than $1.5 billion in online purchases today.

While that figure pales in comparison to the total Black Friday sales of more than $59.1 billion, according to the National Retail Federation (NRF), it means that approximately 129.2 million Americans will make purchases online today. That's represents 5 percent growth over 2011 and almost 17 percent from 2010. Not only are consumers increasingly comfortable with online transactions, a startling number of them are using smartphones and other mobile devices to do it - from 3.6 million in 2009 to an expected 20.4 million in 2012.

That shift in retail sales should serve as a signal to solution providers, and not just those that support businesses that sell their products and services online. Regardless of industry, a company's employees are likely sharing personal information online or accessing websites that require a secure network to safely and effectively conduct business and personal transactions. Unrestricted Internet access, which used to be seen as a privilege for employees, has become a right in many organizations, and these companies expect their solution providers to design, implement and support a robust and secure system to meet that need.

With the growth of bring-your-own-device (BYOD) and mobile device management (MDM), the task of keeping devices and networks secure isn't getting easier, but it is creating more opportunity for properly prepared IT professionals. For retailers, Cyber Monday underscores the value of a solution provider that understands the fundamental standards of payment card industry compliance. Cyber Monday should also serve to remind IT channel organizations of how far the industry has come in just the past five years in introducing a variety of innovative solutions and initiatives that have skillfully addressed the continually escalating security demands of Web-centric organizations.

In order to excel in a specific area or with a particular technology, professionals typically undertake rigorous training to hone their skills and knowledge related to that topic. They also pursue certifications and accreditations to ensure they're following industry best practices and have a comprehensive understanding of the latest threats and opportunities they and their customers face. To get from good to great, professionals often push the limits of their field, but only after mastering the essentials.

IT security is no different, as solution providers strive to master the fundamentals of protecting their clients' wired and wireless networks, computers and mobile devices, as well as the scores of data contained within them. With cases of identity theft and industrial espionage rising, VARs and MSPs have to address a variety of new threats facing their customers. The conundrum here is tightening down system protection and safeguards while providing greater remote access to their employees and customers. Mobility challenges add more layers of complexity to the equation, as companies allow workers to use their own devices and applications in the previously well-controlled work environment.

Cyber Monday highlights the challenge that solution providers face in balancing employees' access demands with the infrastructure and data security needed to protect clients' business data. This challenge shows the value of a CompTIA Security Trustmark, as more VARs and MSPs look to validate and promote their abilities in this field. With two endorsement levels, associate and verified, this business accreditation was designed to identify solution providers that consistently follow security best practices, recognize and address regulatory compliance gaps, and help their clients develop proper security policies, processes and long-term protection plans. It's a comprehensive program, covering a multitude of business-critical areas, including:

  • Business security policy.
  • Business continuity plan.
  • Access management.
  • Incident management.
  • Security awareness and training.
  • Data protection.
  • Technical infrastructure.
  • Physical and environmental security.
  • Regulatory and industry compliance.

Retail security issues are just the tip of the iceberg, which is why the CompTIA IT Security Community, a collaborative peer group that was instrumental in the design and launch of the Security Trustmark, is focused on increasing the training options and standards for channel organizations, as well as improving security industry ethics and proficiencies. If you're interested in learning more about the group or would like to join the discussion, contact community director Corey Simpson at CSimpson@comptia.org.

Brian Sherman is founder of Tech Success Communications, specializing in editorial content and consulting for the IT channel. His previous roles include chief editor at Business Solutions magazine and senior director of industry alliances with Autotask. Contact Brian at Bsherman@techsuccesscommunications.com.

About the Author