Optimize Security Education Opportunities
A VAR turns a two-day security vulnerability management training session into a $150,000-plus install with a transportation company.
Do you ever wish there was a better way to attract new business besides prospecting trade shows and mailing lists and cold calling clients? Entre BTG (Business Technology Group), a systems integrator that specializes in network security consulting, education, and installations, has the perfect solution. The company puts on two-day network security training seminars every six weeks, focusing on topics such as McAfee ePO (ePolicy Orchestrator). ePO is an all-in-one central management tool for McAfee products that addresses antivirus, spyware, intrusion prevention/detection management, firewall, and security vulnerability assessment needs. Jim Hindy, president and CEO of Entre BTG, says the average class size for a training session is eight people, comprising a mix of customers and prospects. The cost of the training is $1,200, which is nearly half the cost of what some of the security vendors charge for similar training. Each one of Entre BTG's trainers is CISSP (Certified Information Systems Security Professional)-qualified, which is a vendor-neutral certification governed by the International Information Systems Security Certification Consortium (ISC2). Hindy admits that direct mail is part of his marketing strategy, but says getting companies to attend a security training session is much easier than getting them to speak with a salesperson about their security issues and what kind of budget they're working with to protect themselves from security problems. "Training sessions are nonthreatening environments where business executives and IT managers volunteer security pain points without being prodded by a salesperson," says Hindy.
Training Yields Open Lines Of Customer Communication
In fact, it was at a training session that Entre BTG first made contact with an IT manager from a large transportation company with offices located throughout the United States. During the training session, the transportation company's IT manager revealed that his company needed to conduct a security vulnerability assessment that could be scored and improved upon over time, per industry regulatory compliance requirements. Hindy's trainer, Senior Network Engineer David E. Stennett, talked to the prospect about Foundstone, a security vulnerability management software solution from McAfee, designed to help enterprises prioritize their IT resources. "The prospect checked into a couple of options, but came back to us within the next month, based on the trust we built during the training seminar," says Stennett. "To alleviate any further reservations, we allowed them to try the software for free for five weeks. At the end of the evaluation period, the software did exactly what they needed it to do: It assessed all of their IT assets and gave them a security vulnerability rating [92%], which they could use to measure their future progress against."
Entre BTG sold the transportation customer Foundstone FS850 and FS1000 scan engine appliances, plus a 5,000-seat McAfee network security license, two days of on-site training, and a software maintenance agreement. The overall installation yielded more than $150,000 in sales revenue for the systems integrator. What's more is that there are much bigger security services opportunities from the same customer this year. "We're working with the customer to add three security software applications to their existing McAfee security suite, including Preventsys, Threat Correlation, and FoundScan Remediation," says Stennett. The first application, Preventsys, is an asset tracking and reporting tool that enables the McAfee scan engine to associate multiple security scans with the same asset, thereby providing more accurate data querying and reporting. The Threat Correlation application will enable the end user to identify newly released network vulnerability problems, run queries against its existing assets, and create a prioritized list of susceptible systems. FoundScan Remediation module is an application that allows the FoundScan scanning engine to automatically open service tickets that can be assigned to asset owners (e.g. a desktop PC or mobile PC user) who are in need of security remediation (e.g. a computer becomes infected with a malware program, or the software detects the computer doesn't have the latest security software patch installed). Each of the aforementioned products will be managed by McAfee ePO, and the three applications are expected to increase Entre BTG's initial sales revenue by 25%. Also, within the next 12 to 18 months, the systems integrator is projecting to earn an additional $500,000 in sales revenue from this customer, following the renewal of the customer's security software licenses, additional security upsell opportunities, network security training, and a secure wireless networking installation opportunity.