Managed Security Services Training. Jim Lippard

Managed Security

Services Training

Agenda

•

Sales Landscape

–

Target Prospects

–

Applications

–

Competitive Landscape

•

Product Definition

–

Network Drawings/Architecture

–

Demo

–

Features/Benefits

–

Sales Tools– Collateral, Website, Marketing Tools, etc

.

•

Sales Procedure

–

Sales Procedure Overview

–

Implementation

–

Support

The 3 P’s

•

P

urpose

–

What Is This All

About?

–

What Are Our

Objectives?

•

P

rocess

–

How Will We Do It?

•

P

ayoff

Purpose – What is this all about?

By talking this course you will be able to:

–

Describe features & benefits of Managed Security

Services

–

Identify who to target with the correct solutions and

sell effectively within the competitive landscape

–

Apply the Sales Process for the EarthLink Managed

Security Services

Process – How will we do it?

•

Overall IT Services Training Development Plan

–

Pretest Questionnaire to Establish Baseline

Knowledge

–

Three Product Training Webinars

Payoff – What is in it for me?

By taking this course you will:

–

Enhance your ability to successfully sell EarthLink

Managed Security Services

Targeting & Positioning - SMB

Managed Firewall

•

Customer Premises Based Firewall – any customer with a

network needs a firewall. Unified threat management is not

sufficient, may need this stand alone firewall solution

•

Network Based (Hosted Security) – need to have at least 25

locations with EarthLink MPLS

•

Data Center Firewall - SMBs unlikely to have colocation;

virtualized services already include data center firewall

Secure Remote Access

Targeting & Positioning - SMB

Asset Management

•

Any business that wants to off-load managing their end user

systems for patches

•

They can also off-load managing end user systems for antivirus

and web content filtering with premium asset management.

Laptop Security

•

Any business with mobile users and concerns about loss of

confidential data.

•

Antivirus and web content filtering option for those concerned

about acceptable use policy compliance and worker

Targeting & Positioning - SMB

Remote Data Protection

•

Any business where users store company-critical information on

their own machines, e.g., mobile users working offline.

•

For businesses with a few small servers.

•

Not a good fit for backing up many large servers or databases,

where we would provide a custom backup solution.

Secure File Transfer Portal

•

Any business with regulatory requirements for security or

which exchanges sensitive documents online.

Email Encryption, Email Archive

Targeting & Positioning – Enterprise

Managed Firewall

•

Network Based (Hosted Security) –

•

Customers with EarthLink’s MPLS service with 25+ sites

•

UTM features allow consolidating all network edge security features in

one service.

•

Those with regulatory requirements will need Data Leak Prevention

(DLP) in premium package.

•

Data Center Firewall -

•

Enterprises with regulatory requirements may want dedicated firewalls.

•

Customer Premises Based Firewall –

•

Enterprises who offer services to the Internet from own location or

which requires segmentation between parts of the business (e.g., due

to regulatory requirements

•

UTM features are good for cost savings but presently have limited

reporting and self-service capabilities compared to standalone

solutions.

Targeting & Positioning - Enterprise

Asset Management

•

An enterprise with small IT staff can benefit from self-service

asset management.

Laptop Security

•

Any enterprises with mobile users and concerns about loss of

confidential data.

•

Antivirus and web content filtering option for those concerned

about acceptable use policy compliance and worker

productivity on company-owned assets.

Secure Remote Access

Targeting & Positioning – Enterprise

Remote Data Protection

•

Any enterprise where users store company-critical information

on their own machines, e.g., mobile users working offline.

•

For enterprises with a few small servers.

•

Not a good fit for backing up many large servers or databases,

where we would provide a custom backup solution.

Secure File Transfer Portal

•

Any enterprise with regulatory requirements for security or

which exchanges sensitive documents online.

Email Encryption, Email Archive

Virtuali-zation

Security Email Network Support Service Depth

Amazon

Rackspace

Secure Works

Perimeter

eSecurity

Windstream

CBeyond

Intermedia

EarthLink

Excellent Very Good Good Fair Low

Virtuali-zation

Security Email Network Support Service Depth

Amazon Rackspace Secure Works Perimeter eSecurity Windstream CBeyond Intermedia EarthLink Infrastructure as a Service Security Services Email/Collabor-ation Services Specialization Connectivity Services Total IT Services

Excellent Very Good Good Fair Low

Product Positioning

•

Overall EarthLink fares well when services are looked at

as a whole across the overall market

•

Looking at specialized positioning and just those

elements rudimentary to those specialized services

–

EarthLink fares okay, but

–

EarthLink isn’t likely not going to win the majority of head to

head larger deals in areas like Virtualization, Security and Email

•

There is a difference when looking at Specialized

Security Services:

Virtuali-zation

Security Email Network Support Service Depth Secure Works Secure Works– SMB Market Becomes more one dimensional and delivered from IT approach No advantage for SMB site locations Advantage lost as not addressing overall business function ops needs

Does not create reduced overall simplicity. Advocate for functional owners is lost Perimeter eSecurity Perimeter eSecurity - SMB Market Limited to hosted No advantage for SMB site locations More IT based, less business ops. No channel advocate for customer No direct channel customer. Advocate for overall needs EarthLink

These leaders in Security are overly niched from business

functional need.

Specialization Positioning - SMB

Decision Maker

Viewpoints & Concerns

•

CIO

–

Business Strategy + IT Strategy = 1

–

Management / end user perception of value & customer

service

–

Reducing risk (availability/uptime, performance, security)

–

Staff growth & development; Leading edge technology

–

Budget Constraints; Making business case to management

–

Smoothing day to day operations; IT Operations Procedures

Decision Maker

Viewpoints & Concerns

•

CEO/COO

–

Ensuring that IT support functional areas of company

–

Ability to execute timely, securely, efficiently

–

Market reputation; eliminating risk & waste

–

Increasing revenue & reducing expense

•

CFO

–

Capex Value (Technology, Infrastructure, Software)

–

Opex Value (labor; 3

_{party) of IT; Impact on Profitability}

–

Risk Management (Financial, CRM System, Order

Processing, fulfillment, Licensing, etc.)

Decision Maker

Viewpoints & Concerns

•

CCO/CSO/Internal Audit

–

Security Policy & Regulatory Compliance

•

HIPAA, GLB, SOX, PCI, CA-1386 breach reporting

•

Acceptable Use, Information Security

–

Ensuring proper implementation, admin of IT controls

Important Things to Remember

•

Be aware of who you are selling to:

–

CEO, CFO, COO, CCO layman biz decision maker vs IT

Lead

•

Biz Decision Maker Message:

–

Take, Cost, Risk, Inefficiency OUT

–

Improve customer satisfaction via Service Level

Agreements

•

IT Lead Decision Maker Message:

–

“We’ve got your back”

Important Things to Remember

•

IT Solutions sales without owning the network

•

Use COP form as a pre-call checklist

•

Customers can buy IT point solutions like dial tone

•

Comprehensive solutions require high trust dialogue

•

Customer reference selling is key to solution selling

•

Whiteboard solution concepts to gain credibility

MANAGED SECURITY

SERVICES

Security Services Products

•

Managed Firewall

•

Secure Remote Access

•

Asset Management

•

Laptop Security

•

Remote Data Protection

•

Secure File Transfer Portal

•

Email Encryption

Key Information Security Attributes

Only authorized users can see or read the information.

Confidentiality

Only authorized users can change or write the information.

Integrity

Three Types of Managed Firewalls

•

Hosted Security (Hosted Network Firewall)

–

Basic: Firewall only

–

Advanced: Content filtering, application control (high-level)

–

Premier: IPS, DLP, antivirus, anti-malware, anti-spyware; more

granular content filtering and application control

•

Shared Data Center Firewall

•

Customer Premises Firewall

–

Basic: Firewall only, 5 monthly changes included

–

Enhanced: Content filtering, 10 monthly changed included

Fully managed hardware based firewall service to protect from both inbound and outbound security threats. 24x7x365 monitoring and protection services from the latest vulnerabilities as well as documented policy change requests and approvals to

ensure that correct policies are applied and enforced.

33

Features

Benefits

Firewall with stateful inspection First line of defense to separate trusted

from untrusted networks.

Content filtering Allow or block sites based on content

categories to keep our malware and for compliance.

Intrusion prevention Alert and/or block known attacks.

Anti-virus(AV), anti-malware, anti-spyware Augment host-based AV by blocking known threats at the network perimeter.

Secure Remote Access

Access method for mobile users, telecommuters, small offices, provided

as firewall feature or standalone. VPN gateway can be on customer

premises or in data center. Connection can be via IPsec client, SSL VPN,

or Site-to-Site. 256-bit AES or 3DES.

Features

Benefits

Active Directory integration

Customer can add and

remove remote access

capability.

Endpoint host checks

Can disallow or restrict

access based on security

and status of client

machine.

Web page menu of sites

Ease of reaching specific

corporate resources.

Asset Management

Features

Benefits

Single, integrated web management

console

Easy remote management of

endpoint assets, self-service or

co-managed.

Software inventory reporting

Ability to manage licenses and end

user compliance.

Patch management

Keep systems up-to-date and know

vulnerabilities.

System monitoring and alerting

Proactive alerting and remote

troubleshooting.

Ability to view and control all PCs and devices in a centralized location to

reduce cost, increase uptime and align your IT Security policies with the

A comprehensive and cost effective laptop security service. Automatically

encrypts data and overwrites information in the event the device is reported

lost or stolen.

Features

Benefits

Remote wipe and file/directory

encryption enforcement

Prevent data from getting into

the wrong hands in event of

theft or loss.

Option: Antivirus protection

Block or remove malware.

Option: web filtering

Enforce acceptable use policy

on equipment outside of

corporate environment.

Minimize cost while enabling you to prioritize recovery of your most

critical operations in the event of a natural or man-made disaster, with

round the clock real-time backups.

Remote Data Protection

Features

Benefits

Automated, scheduled backup

Prevents loss of data due to theft,

hardware failure, or accidental

deletion.

Self-service restore

Ability to quickly recover lost data.

Encrypted and compressed backups Confidentiality of data is protected.

SAS-70 Type II data center

Reliable and secure physical

Email Services and Secure File Transfer

Portal

Standalone versions of hosted email services, and a service for securely

sharing documents to large to send in email.

Product

Benefits

Email archiving

Backups for regulatory

compliance and e-Discovery

requirements.

Email encryption

Protect confidentiality of

sensitive information.

Secure file transfer portal

Protect confidentiality of

EarthLink Business IT Services

Corporate Website

IT Services Sales Toolkit

•

Sales Guides

•

Customer Facing Presentations

•

Product Collateral

•

Case Studies

•

Training Courses

•

Competitive Information

•

Industry Learning Links

Sales Procedure Overview

Solution is proposed to customer with ITSC, AE and SE

ITSC will design & quote the solution. The solution will be reviewed with SE/AE

Send COP form to [email protected]

Fill out the Customer Opportunity (COP) Form with SE

Engage your SE and qualify the IT Services Opportunity

Post Contract Implementation

•

Onboarding specialist enters order into MOSS & scans contract into

system

•

Internal project meeting is held to assign Project Manager

•

Project Manager develops a preliminary project plan

•

Customer call is scheduled to discuss implementation plan

•

Weekly implementation review meetings are conducted with

customers on an as needed basis

•

SOC manages, monitors & supports system to ensure all tasks are

completed

•

Completed order notification letter is sent out to customer upon

completion

•

Customer receives invoice from the MOSS system

Support Process

sends correspondences back to customer via e-mail

Level 1 Tech Escalate to a level 2 Tech

Customer Service Opens up TT

Customer Service chooses the appropriate dept to forward e-mail too

for level 1 support

The Customer Service Rep reviews TT and assigns Dept, Category,

Severity & Scope in dropdown. Customer Initiates a e-mail

at Support@EarthLinkIT. com or calls 1-800-957-4872 TT is automatically generated in MOSS from customer e-mail TT system automatically sends customer e-mail notification that TT

has been rec’d

End NOC/SOC

Manager reviews tt are being worked

daily

Gather Account authorized

contacts, customer acct number & Pin Customer Service

Rep escalates to Level 1 Tech and replies to TT notifying

customer ticket has been escalated to Level 1 support and sets ticket status to

in-progress

Level 1 support verifies category, severity and scope is

correct and If not they will set sub category

Level 1 Tech replies to TT notifying ticket has been escalated to

Level 2. and keeps ticket in-progress

Customer Services Rep. resolves TT and

sends correspondences back to customer via e-mail Yes

No

Level 2 Tech resolves issue and sends correspondences back to customer via e-mail

NO TF Number Is it a simple TT and can be resolved by Customer Service Rep?

Can level 1 Support complete ticket?

Setting Customer Expectations

•

Separate IT Services Invoice

•

IT Services Welcome Letter

Do you have your

internet access from

a central location or

does each location

have internet access?

If internet access is at multiple locations, the IT staff will need to maintain multiple firewalls and consistently enforce the security policies across all

these firewalls.

We offer different managed firewall options that will be best for internet access that is centralized

versus distributed.

Identifying Managed Firewall

49

Do you have your

internet access from

a central location or

does each location

have internet access?

If internet access is at multiple locations, the IT staff will need to maintain multiple firewalls and consistently enforce the security policies across all

these firewalls.

We offer different managed firewall options that will be best for internet access that is centralized

versus distributed.

Identifying Managed Firewall

Who monitors your

firewall? And much

time is spent to ensure

the firewall is running

properly?

Do you have a firewall?

How old is it? Or how

are you protecting

against new threats

from the internet (web

browsing & email)?

A firewall is essential to doing business on the internet. If you do have a firewall, who monitors it and are there

people that can ensure that the firewall is effectively protecting your corporate data.

If it is older than 3 years, it may not be as effective in preventing current threats and attacks to your corporate

environment.

If on staff IT – do you have the time and expertise to ensure that your firewall policies are

tested to ensure effectiveness?

If they don’t feel there is sufficient staff or they don’t have expertise in managing their firewall

or they don’t have a firewall, an opportunity

exists

Identifying Managed Firewall

51

If no, customer already has a single

appliance/device that handles all the firewall functions. Then probe for

. . .

Do you have separate appliances for web content filtering, intrusion

prevention (IPS), and antivirus/anti-spam (AV/AS) at your corporate

internet perimeter?

If yes, this is an opportunity for Managed Firewall. Managed Firewall (FW) is a single appliance that includes

AV/AS, web content filtering & IPS. Managed Firewall options are premise, network or data center managed

firewalls.

Or if one of the devices is end of life, with Managed Firewall, we can turn on only the feature that is needed,

ie content filtering or IPS or all the features.

Do you have a business continuity or disaster recovery plan should the office be unavailable

or unreachable? Offer Remote Data Protection.

•

Customer with ELNK MPLS and 25+ locations and interested in

centralized internet access, position

Hosted Network

Firewall

service.

•

Data Center Managed Firewall

for customers purchasing

any of our hosting services. ITSC will help you determine if

customer needs shared or dedicated managed firewall service

•

Customer Premises Managed Firewall

, for customers that

have multiple locations, branch locations or their own data

center where they would need a firewall at their premise.

– any business that stores or processes credit cards will need to keep this

environment behind their firewall ( so opportunity for premise based managed firewall).

– we can also manage almost any customer owned firewall at their location.

53

How do you protect

your corporate

environment from

threats from your

remote users?

Do you have users that

need to access

corporate resources

while traveling or

when working

remotely?

If yes, secure remote access provides authenticated, encrypted, access to corporate

LAN/WAN via the public Internet.

If no, probe for other services such as Laptop Security.

Our solution can ensure remote devices are in compliance with your security policies for the latest AV signatures and web content filtering.

Identifying Secure Remote Access

How and when do

you implement

vulnerability and

system software

patches?

How many users

do you have? How

many dedicated IT

staff?

If the IT staff is managing so many devices they can’t keep track of them all, this would indicate a need for Asset Management (AM). AM is a tool to

audit and inventory all the devices & software. Basic level is self service, for your IT staff to use,

or you can offload this activity for ELNK to manage.

With Asset Management, you can schedule patches during off work hours and push these

patches to all the devices.

Identifying Asset Management

Are users complaining

about slow

performance?

When you

implemented these

patches, has the patch

impacted production?

Have you had to roll

back a patch?

If a patch has been implemented in production, a roll back can easily be done from a central console

with Asset Management

With Asset Management, you can pull a disk utilization report to identify the amount of CPU & disk

space per device to determine which devices need technology

refresh or upgrades.

If no, see next page.

Identifying Asset Management

Do you know if any

workstations or

laptops contain

unlicensed or

unapproved

software? How do

you keep track?

If you do not know what you have on your workstations & laptops, Asset Management will enable you to easily audit all devices and track all

software and its associated versions. This will enable you to ensure compliance.

If yes, probe for other services.

Identifying Asset Management

57

Encrypted hard drive. . . Even if it is not connected to

the internet . . .

Remotely wipe the hard drive clean

What is stored on corporate laptops? Customer contracts, customer billing information,

HR lists, passwords?

If you have proprietary and confidential information on corporate laptops, Laptop Security can protect that information

should that laptop be lost or stolen.

If the laptop does not log in after a specified time, the hard drive is programmed to be wiped clean. The specified time is determined by

your corporate policy.

When a laptop is reported lost or stolen and it has the Laptop Security service, the hard drive will be wiped clean as soon as the device

connects to the Internet. This will render the laptop useless.

As an added measure, the data on the hard drive is encrypted, so should this device get into the wrong hands, the data will be unreadable.

Enforce AUP for

remote devices

Do you have an

Acceptable Use

Policy (AUP)?

What regulations

do you need to

comply with?

If customer is regulated by HIPAA, GLBA, SOX and an employee loses his corporate laptop, it is critical

that corporate data needs to be destroyed so data cannot be accessed. This can be done with Laptop

Security.

With Laptop Security, you can enforce your AUP even when users are working remotely. If yes, how do you

enforce your AUP?

If no, highly recommend an AUP be created to protect corporate assets

and assure compliance.

Laptop Security

59

If one of your senior

executives loses

his/her corporate

laptop, how would it

impact the business?

If your office or data

center was destroyed

in a natural disaster,

how long would it

take to recover?

If your workstations or

servers have a hard

drive failure, how do

you recover the data?

If you have an existing backup solution, have you tested it?

Do your end users have ability to recover their own data? Remote Data Protection allows end users to recover their own data easily through

the customer portal.

Has he/she backed up their data? Would you be able to find these files? Remote Data Protection, provides backup for servers, desktops and laptops. Data is backed up via the Internet and is encrypted and stored in a remote data center for easy access

should a device be stolen or lost.

If you have it all covered, have you tested your back up solution? If no, Remote Data

Protection is key piece of your disaster recovery plan in addition to virtualization. If

yes, how about your individual laptops?

Remote Data Protection