NEW YORK -- Carrier Network Security Strategies -- Security-as-a-service may need a better moniker (ahem, SECaaS), but if it makes money for service providers, does that really matter?
In a panel moderated by Heavy Reading Chief Analyst Patrick Donegan at the Carrier Network Security Strategies event, executives from Telefónica , Wedge Networks and Intel Corp. (Nasdaq: INTC) examined the opportunities for monetizing security services, and all agreed that there's a sweet spot for sales in the small to midsized business market.
"I would say, just given our history, certainly the small to medium businesses are the best opportunity," said James Hamilton, CEO of Wedge Networks. "And to be able to go to them and say we're going to be able to offer you an extension of this broadband … security [as an add-on service] I think has resonated the most."
Hamilton also explained why SMB customers are more attractive when it comes to security services than other parts of the market.
Large enterprises already address security in house, and that means anything a service provider can offer would only be at a level of augmenting technology and processes already in place. At the other end of the spectrum, there might be some opportunity to sell security services to consumers, but that type of offering would have to be packaged just right, and the model (beyond free antivirus software) isn't well proven yet.
In the SMB market, however, security is something companies need, and, at some level, something they're willing to pay for.
For service providers, the other advantage to the SMB market is the opportunity for standardization. That's true from a technology perspective, but also from an operational perspective. Where large enterprises need customization, the end-to-end process with smaller companies can be refined and then replicated. As Luis Francisco Gonzalez, the head of marketing for part of Telefonica's Global B2B Security business characterized it, that standardization includes everything along the customer journey from the initial marketing of a service, to collecting feedback, and even to helping a customer exit the service if they decide to try another solution.
All of the executives on the panel also highlighted the same reason that security-as-a-service makes sense in the SMB market now. When a service is delivered over software versus proprietary hardware, it's suddenly feasible to offer a try-before-you-buy model -- something the SMB market often requires. With a free trial, customers can see the value of a security service before having to invest any money.
The issue of virtualization also came up with regard to a new possible entry point in the SMB sales process. Bob Ghaffari, director for the Data Center/Network Platforms Group at Intel, noted that service providers now have an opportunity to experiment with virtual CPE offerings, and once a proprietary piece of hardware is subtracted from the customer premises, that opens the door to a discussion of introducing a new software-based security service.
"You're taking a look at an entry point where you're sort of consolidating functions on a standard piece of hardware," said Ghaffari, "and you basically are in a way de-risking the different elements in a small/medium business from having a separate router."
In the near term, the most compelling security application for SMB companies is the virtual firewall. However, Wedge Networks' Hamilton also pointed out that URL filtering has appeal. If security as a service takes off, those applications are likely where the SMB market will spend its money. And it's where service providers should place their early bets.
— Mari Silbey, Senior Editor, Cable/Video, Light Reading