• SIMPLIFY. EXPAND. GROW.

    SIMPLIFY. EXPAND. GROW.

    SMB. CORE MIDMARKET. UPPER MIDMARKET. ECOSYSTEM
    LEARN MORE
  • FEATURED INFOGRAPHIC

    FEATURED INFOGRAPHIC

    2024 Top 10 SMB Business Issues, IT Priorities, IT Challenges
    LEARN MORE
  • CHANNEL INFOGRAPHIC

    CHANNEL INFOGRAPHIC

    2024 Top 10 Partner Business Challenges
    LATEST RESEARCH
  • 2024 TOP 10 PREDICTIONS

    2024 TOP 10 PREDICTIONS

    SMB & Midmarket Predictions
    READ
  • 2024 TOP 10 PREDICTIONS

    2024 TOP 10 PREDICTIONS

    Channel Partner Predictions
    READ
  • IT SECURITY TRENDS

    IT SECURITY TRENDS

    SMB & Midmarket Security Adoption Trends
    LATEST RESEARCH
  • CLOUD ADOPTION TRENDS

    CLOUD ADOPTION TRENDS

    SMB & Midmarket Cloud Adoption
    LATEST RESEARCH
  • FUTURE OF PARTNER ECOSYSTEM

    FUTURE OF PARTNER ECOSYSTEM

    Networked, Engaged, Extended, Hybrid
    DOWNLOAD NOW
  • BUYERS JOURNEY

    BUYERS JOURNEY

    Influence map & care-abouts
    LEARN MORE
  • DIGITAL TRANSFORMATION

    DIGITAL TRANSFORMATION

    Connected Business
    LEARN MORE
  • MANAGED SERVICES RESEARCH

    MANAGED SERVICES RESEARCH

    SMB & Midmarket Managed Services Adoption
    LEARN MORE
  • ARTIFICIAL INTELLIGENCE

    ARTIFICIAL INTELLIGENCE

    SMB & Midmarket Analytics & Artificial Intelligence Adoption
    LEARN MORE
  • WHITE PAPER

    WHITE PAPER

    SMB Path to Digitalization
    DOWNLOAD

Techaisle Blog

Insightful research, flexible data, and deep analysis by a global SMB IT Market Research and Industry Analyst organization dedicated to tracking the Future of SMBs and Channels.
Anurag Agrawal

Dell announces On Demand, PowerOne, expands PCaaS, focuses on customer advocacy, invests in SMB

Dell was always been relevant for small business and education markets but is now in an exalted position to stake its claim within the enterprise segment and the new battleground – the midmarket firms. In this Techaisle Take analysis I cover Dell Technologies’ On Demand offering, Progress Made Real initiative, expanded PCaaS for SMBs, focus on customer advocacy, continued SMB investment, new converged infrastructure PowerOne, Unified workspace solution and channel partner strategy.

Dell Technologies Summit in Austin was a showcase of bold announcements and understated commitments to corporate social good and customer advocacy. Dell has certainly transformed in the last five years. It has moved along a path from a PC company to end-to-end solutions provider to a digital transformation partner to a place where it is driving its own transformation through the power of analytics with a goal of delivering customer success. Dell has catapulted itself into relevancy for the next decade.

In 1984, when Michael Dell founded his namesake company in his college dorm, I was a freshly minted engineering college graduate working through my first job at a tractor manufacturing plant in India. My first interaction with Dell was in early nineties when an India-based firm was awarded a contract manufacturing deal. I was then running the secretariat of a computer manufacturer’s association in India. Since then not only technology has progressed but both the consumers and commercial buyers have evolved. Dell has not only moved with the times but sometimes has been ahead of the curve. One such “ahead of the curve” initiative is “Progress Made Real for 2030” announced at the summit.

Progress Made Real for 2030 stands on four pillars:

  1. Advancing sustainability: for example, one-for-one recycling, that is, every product that Dell sells it will recycle an equivalent product
  2. Cultivating inclusion: committing to 50 percent of Dell workforce to comprise of women by 2030, 40 percent of managers of people will be women, 25 percent of US workforce will be Hispanic or African American
  3. Transforming lives: for example, Dell’s work with Tata Trusts, with a goal to reach 40m under-privileged people from the current 11m
  4. Upholding ethics and privacy

Enabled by a combination of pervasive use of technology and vastly-expanded solution options, the technology user and buyer community has become more diverse in both composition and focus. Business decision makers (BDMs) are not content to await IT’s blessing to pursue technology options that align with business needs: an increasingly tech-savvy business user/management community plays an ever-expanding role in assessing technology options, and even in specifying solutions and managing their rollout. At the same time, the solution options themselves have expanded to become more accessible to non-IT staff. Some technologies, such as analytics and IoT, directly address business management questions. Others, notably cloud, provide support and delivery options that give business units the option of avoiding IT oversight. Even core IT functions, such as storage management (especially with respect to Big Data) and security (particularly with regard to cloud and mobility) are reshaped by system requirements imposed by BDM needs. It is not out of place, as an analyst, to say that Dell has been a little late in recognizing and pursuing the shifting patterns. Regardless, Dell has been a believer of technology democratization and has begun a concerted effort to manage technology chaos with a differentiated customer strategy and drive the ability to scale human capacity. These are very lofty and moonshot initiatives. But then Dell is a founder-led company whose founder is skilled at assembling the proverbial ship piece-by-piece and navigating it through uncharted and occasionally choppy waters.

Dell Technologies differentiated customer strategy is built on four key points:

  1. Driving social impact with purpose-driven relationships
  2. Creating customer advocates for life by honoring customer loyalty and delivering success
  3. Making it easy to do business with Dell by executing on basics
  4. Unlocking customer value by leading with insights

Dell’s customer advocacy team is constantly analyzing 9.5K social conversations per day, looks at 33K customer verbatims in addition to its 16K sales team members sharing feedback. Dell’s plan to delivering a seamless and simplified customer experience is not very different from recently announced customer lifecycle experience, aka race track, by Cisco. End goals are the same, approaches are slightly different. But the fact that all suppliers are landing at the same end-state is significant on how the technology industry has evolved.

Perhaps the most important announcement at Dell Tech Summit was its On Demand offering. Dell went to great lengths to explain its genesis and development but it is clear that it a direct response to the growing popularity of HPE GreenLake. Regardless of HPE commanding the media-waves Dell has jumped headlong into the as-a-service, post-transactional market with Dell Technologies On Demand Autonomous Infrastructure available via DT Cloud. Dell is prepared to deliver solutions today and at scale. And it is also within reach of midmarket businesses. Key takeaways of Dell’s On Demand solutions are:

  1. On-demand, consumption-based and as-a-service solutions for on-prem infrastructure / services is customizable, integrated across the full-stack for Dell's end-to-end portfolio from edge to core to cloud
  2. Dell widened the product of their Flex On Demand offerings for PowerEdge servers and their new PowerOne autonomous converged infrastructure solution (announced at Dell Technologies Summit). With this announcement, Dell’s consumption-based on-demand solutions now cover PCs, servers, storage, CI/HCI, IoT, datacenters, networking and data protection. Ideally applicable for firms with a minimum $250K 3-year contract-value but end-points including PCaaS is available for SMBs (at lower committed contract values).
  3. Dell knows how to create simplicity within complexity. Businesses can customize and select their on-demand path from:
    1. Payment: Pay As You Grow, Flex On Demand, Data Center Utility
    2. Services: ProSupport, ProDeploy, Managed services
    3. Portfolio: Edge, Endpoint, Core, Cloud
  4. On Demand offering provides two options for channel partners to participate:
    1. Referral fee – 7%-10% on committed contract value including tier credit program benefit. Dell owns and manages the customer. The partner still plays an active role in managing the customer relationship. The referral fee model positions the partner to address the customer’s solution needs, and enhance their customer relationship without having to take on the usage and credit risk associated with offering a pay for use solution.
    2. Resell – Partner owns and manages the customer. Allows partner to uplift base usage charge and earn program benefits including rebates, marketing development funds, and tier credit

Pay As You Grow is for committed workloads. The metering coverage in Flex On Demand includes processor, memory, and GB consumed. Data Center Utility adds metering based on VM and per port. The solution is still in its early stages and Dell views this as a journey rather than a destination. But the offering, in early stages, is finding acceptance at many of Dell’s customers. Scalar (a CDW company) has been configuring on-demand solutions with unlimited scalability for major Hollywood studios.

Relative to the cost of conventional hardware and software, on-demand cloud solutions are generally more cost effective than equivalent CAPEX-based on-premise alternatives, and its OPEX-based billing model works well for cash-constrained SMBs and midmarket firms. Cloud’s ‘as-a-Service’ delivery model reduces the need for individual SMBs and midmarket firms to attract and retain specialized IT staff; scale up as the organization grows, and cloud provides SMBs and midmarket firms that are often unable to maintain refresh cycles with ‘always-on’ access to current technology.

SMBs are not being left out from Dell’s strategy. In fact, small and midmarket businesses are two of the fastest growing segments for Dell. Its small business advisory has witnessed tremendous success but the team is not resting on its laurels. It aims to add 100 more small business advisors in the next one year. Each advisor goes through 160 hours of in-person classroom training. Dell has built a progressive hierarchical advisory structure, based on “needs complexity” to help SMBs learn, identify, buy and deploy technology. Small businesses with specific and simple requirements can also use Eva – a chatbot – to help guide through product selection and purchase.

Anurag Agrawal

Cybersecurity - SMBs are maneuvering around the edges of flame

Techaisle’s SMB and Midmarket security solutions adoption research shows that although security is a top IT priority for 85% of SMBs, cybersecurity is still not the most pressing security issue for 80% of SMBs. These SMB firms maybe maneuvering around the edges of cybersecurity flame as 19% of small businesses and 28% of midmarket firms believe that they have established best practices to control cyber-attacks. 31% of SMBs report that they are very confident of recovering from a cybersecurity incident and another 20% say the recovery is dependent upon the type of incidence. Is it really the case that the security-confident SMBs have taken all necessary steps to safeguard data, user and environment? Answer lies in the next set of data points. Only 8% of small businesses and 24% of midmarket firms have tested their responses to breaches or security incidents to ensure that their protocols will be effective in a crisis situation. Less than 10% of SMBs are covered by cyber-insurance and only 5% are considering cyber-insurance.

 techaisle smb midmarket cyber attack priority

SMBs that build effective, responsive security frameworks will be positioned to capitalize on new technologies and on the new efficiencies that they enable. There is no denying that the threats that IT security frameworks address are becoming both more pernicious and a greater threat to the success of IT-dependent businesses – which is to say, nearly all businesses.

In the Techaisle survey, respondents were asked “– what would be the impact on your organization if there was a security/data breach of corporate information?” Responses indicate that the damage would be widespread and substantial. As the chart below demonstrates, the most severe consequence of a breach would be damage to customer privacy and trust, but there would also be damage to corporate reputations and profitability, difficulty in meeting regulatory requirements, and personal reputation damage for both business and IT professionals within the firm.

techaisle smb midmarket impact security breach

The NIST framework does a good job of describing a business’s approach to cyber security, but it doesn’t actually address the approaches used by ‘bad actors’ to attack data and users. To understand how attackers work (and might be stopped), IT security professionals often turn to the cyber (or intrusion) kill chain. This seven-stage view of an attacker’s process, developed by Lockheed Martin in 2011, helps technical leads to align security technology and processes against an attacker’s progressive objectives.

techaisle smb midmarket cyber attacker process
There are many variants on the diagram. Some include responses to the intrusion kill chain, urging businesses to “detect, deny, disrupt, degrade, deceive and destroy” attackers and their malware. Others highlight the key technologies and technology processes used to support these responses: for example, security professionals combating intruders at the reconnaissance stage might use web analytics to detect an intruder’s activities, and then firewall technology to deny access to corporate systems. The specific details vary from scenario to scenario, and evolve over time. What is constant, though, is the need for technically-adept security professionals to invest in capable technologies, to integrate these systems with each other, to develop processes that connect effectively with threats and technology-based ‘shields’, and to align these systems and processes with management’s corporate objectives.

It isn’t an exaggeration to state that in today’s business world, IT infrastructure is business critical infrastructure. SMBs are heavily invested in IT, with IT-dependent processes throughout their operations. This ubiquitous dependence on technology means that systems failure will reverberate throughout all of a company’s daily operations. There is no way to disaster-proof against IT failure with insurance; appropriate investment in IT security processes, technologies and management strategies is the only way to capitalize on the productivity benefits of IT without creating exposure to organizational paralysis in the event of a malware invasion, a hacker attack or an employee’s negligence or malfeasance.

The lack of understanding of a threat associated with a widely-used cloud platform on one hand (and likely, additional confusion with respect to security issues associated with other technologies), and the lack of IT staff resources available to address security concerns on the other, produces a clear conclusion: SMBs need suppliers to step up to delivery of secure IT environments and prevent cyber-attacks.

In many cases, these suppliers will be the mainstream channel partners who supply the SMB’s technology, who act as the IT management presence within the SMB’s business. In other cases, including in many midmarket environments, the source of security products and services will be specialized managed security providers who focus tightly on operating SOCs and protecting client environments. In some scenarios, firms will ‘land’ by entering a client account from one of these positions, and then ‘expand’ to serve a wider range of IT supply needs – crowding out competitors who can’t address the risk and compliance issues that are central to the CEO’s mandate.

Related research

US SMB and Midmarket Security adoption trends

Europe SMB and Midmarket Security adoption trends

Asia/Pacific SMB and Midmarket Security adoption trends

Latin America SMB and Midmarket Security adoption trends

 

Anurag Agrawal

Balancing cloud threats and security measures challenging European SMBs and Midmarket firms

Techaisle’s Europe SMB and Midmarket security adoption trends survey shows that both small businesses and midmarket firms recognize that cloud poses a risk to their data: “cloud usage/services put us at a higher risk of a data breach” is the security-related statement that resonates most with small businesses, and it is one of the top three issues identified by midmarket respondents. However, 24% believe that they are better prepared than most to address cloud security issues. “Our security budget is sufficient to meet our needs” is the most commonly-advanced statement on IT security by small businesses but 52% of midmarket firms believe that their "budget is not sufficient to meet their security needs". Only 8% of European small businesses have formal security protocols in place to respond to a security incident as compared to 32% of midmarket firms.

There is no denying the threats that IT security frameworks address are becoming both more pernicious and a greater threat to the success of IT-dependent businesses – which is to say, nearly all businesses. Survey data also shows that in Europe, 52% of small businesses and 62% of midmarket firms experienced one or more security incidents in the last one year.

At least within the European SMBs and midmarket firms there seems to be adequate awareness of the quantity, variety and severity of threat sources but the unpreparedness is in part due to weak reporting of breaches when they occur, with only events too big to hide becoming the subjects of public discussion. Tougher disclosure legislation will make SMBs more aware of the extent of IT security issues – which in turn will likely boost investment in security solutions and reduce the number of respondents expressing comfort with their current state of readiness.

Despite the dichotomy of potential of security threats and overconfidence, SMBs are concerned about their threat landscape, both at the PC-level as well as with cloud.

Data clearly shows that small businesses and midmarket firms have very different perceptions of cyber-security risks, security approach and attitude, cloud and end-point security concerns and most effective security solutions to protect cloud data.

A review of cloud security threats and mitigation options available to European SMBs illustrates the fact that while cloud brings unique challenges, the measures used to address the expanded threat profile are consistent with those that would represent good practice in any infrastructure context. 37% of SMB survey respondents are concerned with data exposure during transfers to remote locations, 35% are concerned with the potential for cloud-based accounts to be hijacked, and 28% are worried about unauthorized access to or breaches of data repositories in the cloud, insecure interfaces used to access cloud-based systems, the potential for insiders within a cloud service provider to exfiltrate information, and denial of service (DDoS) attacks – all of which represent cloud-specific threats.

SMBs have very strong perception and understanding of technologies and practices that are considered most effective at protecting data in the cloud and addressing their cloud security concerns. These include data and network encryption, intrusion detection and prevention (IDP), the setting and enforcement of security policies, the creation of data boundaries that separate different information sets, use of access control technologies, and unified threat management. Unlike the threats, though, that are specific to cloud/hybrid IT infrastructure, these approaches do not arise uniquely from use of cloud: they can and should be applied within environments that are not cloud based as well. Any business that relies on a network and supports mobile users (necessitating access control) would do well to implement all of these measures.

Techaisle believes that there are different take-aways for suppliers focused on small and midmarket customers. In small business, there is a need to educate buyers about the gaps that exist between current preparedness and risks, and between small business readiness and the approaches that are common within larger organizations: small businesses need to understand where and how to invest in a wider range of security solutions, especially with respect to covering threats associated with mobility and cloud. There is also a need to respond to price-performance pressures.

Clearly, security itself is a complex solution area, and the marketing challenges faced by suppliers – which need to articulate solutions in terms that are appropriate to small and midmarket businesses, to BDMs and ITDMs, and via sources and channels that are relevant to the evaluation and purchase process – are complex in their own right. Security permeates all aspects of IT service delivery – and as a result, success in navigating the solution and marketing needs offers great upside for successful suppliers.

Anurag Agrawal

Key technology trends shaping US SMB IT security adoption, use and management

Techaisle’s 2019 US SMB and Midmarket security adoption trends research investigated 17 different types of IT security solutions. These can be positioned as belonging to one of four broad categories:

  1. Protection of data entering the corporate environment
  2. Protection of the mobile environment, including the following
  3. Traffic inspection and management
  4. Protection of data that is being used within the corporate environment

Analysis of data showing current and planned use of these technologies helps illustrate how security environments are changing, and differences in security approaches between small and midmarket businesses.

The wall and drawbridge: protection against threats entering the corporate environment

The technologies included in the “protection of data entering the corporate environment” category are those that correspond to the castle walls-and-drawbridge analogy used at the beginning of this document. They are broadly used by both small and midmarket firms, with 100% of users in both groups reporting that they have anti-spam/email security and anti-malware/virus/spyware products deployed today. Web/content filtering is also commonly employed within both small businesses and midmarket organizations, with current usage levels at 54% in small business (with another 18% planning to deploy these products) and 62% in the midmarket (with an additional 18% planning to begin use). Firewalls and VPNs are commonly used to secure midmarket traffic – 100% of midmarket respondents report use of firewalls, and 52% are using VPNs, with another 25% planning to begin use of VPNs in the near term – but are not as prevalent in the small business environment, where just 18% of respondents report current use of firewalls, and VPNs are not found in the data.

Extending to the edge: protection of mobile environments

Mobility poses an enormous challenge to the traditional security approach: it isn’t possible to rely on a heavily-guarded drawbridge if there are dozens (or hundreds or thousands, depending on business size) of moving gates that each poke through the wall of the keep. Technologies intended to protect physical devices (mobile security), the data resident on or accessed through those devices (DLP) and the ability of the devices to access corporate resources (MDM/MAM) have developed to help security professionals intercept threats before they reach the perimeter of the enterprise network. Survey data shows, use of these technologies by SMBs is still primarily in the planning stage, though there are examples of current deployments addressing mobile threats. Three-quarters of midmarket firms report current use of DLP, and over 50% have already deployed some form of mobile security. Plans for new deployments of these technologies in both small and midmarket businesses are substantial, with 21%-31% reporting near-term usage intentions. Midmarket businesses are also interested in exploring endpoint forensics – the use of device data to identify anomalous patterns indicating an infection or breach – but this is still years from becoming a mainstream SMB security approach.

Inspecting and managing traffic

Many organizations are coming around to the conclusion that security breaches are more a matter of ‘when’ than ‘if’, and are dedicating resources to identifying and addressing vulnerabilities or intrusions. Four of the technologies/tactics covered by the Techaisle research address this requirement. Breach detection systems – systems that focus on malicious activity within the network – are the most commonly deployed technologies in this area, used by just 6% of small businesses and 69% of midmarket firms. IPS/IDS – a category that combines technologies that attempt to prevent network intrusions and those that monitor and report on attempted incursions into the network – are currently used by half of midmarket firms, with 29% of small businesses and 30% of midmarket organizations planning future deployments. Security information and event management (SIEM) systems, which collect and analyze information from other security technologies deployed by the enterprise, are used by 47% of midmarket firms and in the near-term plans of an additional 28%. And 23% of small businesses and 27% of midmarket firms are planning to engage suppliers to perform penetration testing – ‘ethical hacks’ used to probe networks for vulnerabilities.

Protecting information in use within the corporate environment

The fourth category of security solutions is dedicated to protecting assets within the corporate environment – the data, applications and physical environments used to produce IT-enabled outcomes.
The date demonstrates that at this point, small businesses are not adopting the technologies used to secure information in use, but that midmarket firms are investing in this level of defense. Over half of midmarket businesses surveyed are currently using both security products that protect virtual environments and data encryption, which secures ‘data at rest’ against hackers who penetrate other defenses. Additionally, 26% of midmarket organizations are planning to deploy user behavior analytics, which highlight potential exposures due to employee negligence or malfeasance.

In today’s SMB market, it is critical for vendors to build detailed understanding of the small and midmarket segments, and to align resources and strategies with requirements as SMBs move from initial experimentation with sophisticated solutions towards mass-market adoption.

In this report, Techaisle analyzes 1,245 survey responses to provide the insight needed to build and execute on IT security strategies for the small and midmarket customer segments. Techaisle’s deep understanding of SMB IT and business requirements enables vendors to understand the ‘why’ and ‘when’ of solution adoption, current and planned approaches to solution use, the benefits that drive user investments, and key issues in aligning with buyers and building and intercepting demand.

Research You Can Rely On | Analysis You Can Act Upon

Techaisle - TA