ORLANDO — It’s time for resellers to break the traditional business model when selling security solutions, according to top Computer Associates International Inc. executives.
The company is using its annual channel and user conference
to unveil eTrust 20/20, an enterprise security solution intended to help security managers pinpoint indications of security breaches. The solution will be offered on a new subscription basis.
At CA World’s Channel Symposium question and answer session Tuesday, resellers expressed their concerns to Sanjay Kumar, president and CEO of the Islandia,
N.Y.-based e-business management software vendor about whether the sale e-Trust on a subscription basis would mean it would only be sold direct and would shut out channel partners from building on security opportunities.
But Kumar said resellers will be able to sell on a subscription basis as well. “”As long as you keep them, you get an annuity and we get an annuity,”” he said, adding that security VARs will be able to gain additional revenue from services. That’s because for the first time, users will not be allowed to purchase a CA security solution without the services that are offered with it. The channel partner will “”make money as long as the customer continues to use it — it’s not a one-time shot,”” he added.
Customers don’t need to buy software all the time, Kumar said, which means it will be feasible for resellers to use the subscription sales model. “”They’re willing to work on a subscription basis, do shorter term deals,”” he said.
Pierre Desjarlais, vice-president and general director, eastern Canada for Compugen in Ville Mont-Royal, Que., told CDN Tuesday that he has no problem with the subscription model. “”I think the IT industry is going into a utility model,”” he said. “”It will have to go there. People will have to start to buy IT the same way they buy their other stuff.””
For example, said Desjarlais, people don’t care how every component within a telephone interacts with the other pieces, or how the buttons are set up.
“”What you want is a dialtone,”” he said. “”The same thing with IT. There will come one day that for each employee in a large corporation it’s going to cost so many dollars per month. You’re going to have your hardware, your software, your support and you’re going to have everything supported by a third party or outsourcers.
“”ETrust 20/20 seems to be going in that direction; you find the stuff, you’re using the stuff, you’re paying for the stuff for the time you use it, and when you finish, you finish.””
Barry Keyes, vice-president of brand management for eTrust, said the Enterprise Service Provider program at CA will provide a way to train resellers and to contribute their technical expertise when CA can’t. “”We can provide some level of security knowledge,”” said Keyes. “”But when you integrate (security solutions) into the fabric of the enterprise, you need somebody that understands the business, understands the company’s policies, or can help create those policies — and that’s frequently a third party.””
At Kumar’s security keynote Monday, he said CA is trying to solve a “”very interesting problem that relates to concerns about privacy, intrusion and the rights of employers to look at information”” for monitoring purposes. Corporations have the right to monitor what goes on in their organizations — the problem is that sometimes it’s hard to figure out how much time spent monitoring Web browsing logs is too much.
“”We think there is a better way for companies to pick up abnormal behaviour,”” he said.
The eTrust solution offers a visual “”playback”” functionality which provides analysis and documentation capabilities. It also has five different visualization schemes, including a simpler iconic view and a more complex view where the user can “”walk through the building,”” Kumar said.
Once integrated with existing physical and IT systems, including audit logs, badge readers and human resource applications, the solution provides visualization of each individual’s access of physical facilities and information systems, along with time stamps. It also displays where access is authorized for the individual.