IGI CyberLabs, makers of the Nodeware vulnerability management solution, has entered into a three-way partnership to help channel pros bring vehicle and boat dealers into compliance with heightened security requirements set to go into effect three months from now.
Under the recently completed agreement, KPA, a regulatory compliance consultancy, and Sensitive Data Protect (SDP), a provider of compliance management technology, will build Nodeware into solutions designed to meet new additions to the Federal Trade Commission’s Safeguards Rule requiring holders of consumer finance information to implement multi-faceted information security programs by December 9th.
The mandate, like the Safeguards Rule itself, applies chiefly to auto, truck, RV, and boat dealers that collect and store loan applications. The new guidelines state that acceptable security plans must include either an annual penetration test or the kind of continuous monitoring and management of vulnerabilities that Nodeware is designed to supply.
Failing to meet those requirements can have expensive consequences for businesses covered by the law, according to Frank Raimondi, Nodeware’s vice president of channel development, who spoke with ChannelPro during this week’s SMB Forum event in Washington D.C. “The fines are hugely significant, because it’s per incident,” he said. “If you’re doing 10 loans a day, each of those loans is an incident of non-compliance.”
Implementing security programs designed by KPA and based on software from SDP and Nodeware is an opportunity for MSPs, according to Raimondi.
“They’re not solution providers,” he says of KPA. “They’re not managed service providers. They kind of overlook the whole environment, and then they’ll bring in the particular pieces that will help [clients] be more compliant.”
IGI CyberLabs has been “doing a little matchmaking” between KPA and channel pros on specific projects, Raimondi adds. “They’re kind of coming to us and saying, ‘Hey, do you have an MSP in L.A., or do you have an MSP in wherever that they’ve got an auto dealership in need of their service?”
MSPs not assisting clients in relevant markets with the coming FTC requirements risk losing those accounts, Raimondi observes. “If any MSP’s got car dealer businesses today and they’re not at least talking to them about this, somebody else is going to be,” he says.
IGI CyberLabs is a wholly-owned subsidiary of Infinite Group Inc. dedicated exclusively to developing and marketing Nodeware. Integrations of the kind announced this week have been a priority for the company since its launch last June. Recent instances include agreements to supply vulnerability management data from Nodeware to cyber insurance provider Cowbell Cyber in March, breach prevention platform operator ThreatAdvice in April, and risk management vendor SecurityStudio in May.
In February, the company integrated Nodeware with SOCSoter’s MSP-focused cybersecurity offering to provide joint users of both offerings immediate assistance with vulnerabilities as they’re detected. IGI CyberLabs announced a deal last month to supply invoice data to Gradient MSP’s billing reconciliation solution via Gradient’s Synthesize integration hub as well. Gradient has an alerts management solution backed by Synthesize coming to market shortly.
“We’re one blade of a Swiss Army Knife,” says Raimondi of Nodeware’s emphasis on integration pacts. “We do one thing very specifically and we’re not interested in adding all the different tools.”
Channel pros can expect more integration deals in the near future, he adds, citing additional cyber insurance partnerships and additional agreements with vendors that help end users comply with regulations like HIPAA as possible examples.
