Top Banner
SaaS: Security as a Service Cloud based security reaching mainstream Richard Bowman Director, Security as a Service
28
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: SaaS

SaaS: Security as a ServiceCloud based security reaching mainstream

Richard BowmanDirector, Security as a Service

Page 2: SaaS

Agenda

• What's the Customer Problem? Why such growth?• What does our solution do? Where does it fit?• Customer Benefits – why should I buy it?• Qualifying Questions – tips on how do I get the conversation started• Tips on common objections• Competition (who to look out for in Australia)• Licensing structures• Summary• Test Quiz

Page 3: SaaS

What's the Customer Problem?• The dependence on email and web platforms for business to communicate has grown exponentially

• At the same time the risk, volume and complexity of the challenges to keep these platforms up and running has grown exponentially

• The traditional approach of buying, running, operating and maintaining expensive gateway based solutions is fast becoming archaic - WHY?

– Significant (often CAPEX) outlay every 3 years– Capacity/effectiveness diminishes quickly – poor performance, scalability leads to unplanned expenditure– User experience and business performance often severely impacted– Significant overhead to install, maintain, operate– These are non-core, non-strategic tasks - tying up expensive resource– Complexity of threat is virtually impossible to stay ahead of – and why invest 100’s of thousands of dollars in trying to?– Organizations have no fixed cost control - completely at the mercy of volume and threat landscape changes

Page 4: SaaS

What does our solution do? Where does it fit?

• McAfee SaaS – Providing a guaranteed outcome at a single, fixed and predictable cost.

• ‘Delivered via our massively scalable global datacenters, it delivers world class security solutions without the need to buy, install, manage and maintain hardware and software’

• Target market – from 5 users to 1,000,000 users and across all verticals

• 43% of ASX 200 currently have their email scanned in the cloud

• 1 in 3 of all Australian business (50+ users) have their email scanned in the cloud

Page 5: SaaS

What is Security-as-a-Service?Subscription-based service that provides access via the cloud to commercially-available security software. Requires no software

nor hardware integration, and all responsibility of uptime, upgrades and operational maintenance is shifted to the vendor

during the term of the subscription.

What is Security-as-a-Service (SaaS)?

Source: Aberdeen Group, “Email Security in the Cloud”, April 2010

Page 6: SaaS

What does our solution do? Where does it fit? SaaS market – massive growth

2008 2009 2010 2011 2012 20132008-2013

CAGR%

SaaS Endpoint (TOPS Serv) 173 199.5 233.8 293.1 403.4 565.4 26.7SaaS Email Scanning 555 700.4 925.9 1216.6 1544.8 1828.4 26.9SaaS Web Scanning 78 115.5 190.9 295 400 513 45.7SaaS VM/Website security 155 186.3 237.8 308.9 411.3 540.4 28.4

Worldwide Security SaaS Revenue by Segment, 2008-2013 (US$ Millions)

Source: IDC 2009 – These figures exclude Network Security SaaS and Identity/Access Management SaaS (not SaaS per McAfee Classification)

Top Drivers for Security SaaS Investment, 2010

Page 7: SaaS

What does our solution do? Where does it fit? McAfee SaaS Global Data Centers

*updated Oct 6, 2010

• SaaS offering since 2000

• $100’s M USD 2010 SaaS annual revenues

• Most recognizable Internet Trustmark

• Security brand and partner enablement tools

• Most widely deployed SaaS endpoint product globally

Page 8: SaaS

Broadest Security-as-a-Service portfolio in the IndustryReal-time Protection with Global Threat Intelligence

Multi-tenant , Scalable Service Platform

McAfee SaaS Management Console

Global Threat Intelligence™

Endpoint EmailVulnerabilityAssessmentWeb

http://!

Email Continuity

EmailArchiving

PCI Compliance

WebsiteCertification

Page 9: SaaS

What does our solution do? Where does it fit? SaaS Services Available today in APAC

Available in APAC today

In Country Data Centre Required

Data Centre Exists

Data Centre Forecast

SaaS Endpoint (TOPS Service)

Yes - all No No No

SaaS Email Scanning

Yes - all No Hong Kong, Sydney, NZ

NZ Nov

SaaS Email Continuity

Yes - all No Hong Kong, Sydney, NZ

NZ Nov

SaaS Email Archiving

No Yes No No

SaaS Web Scanning

Yes Yes Sydney, NZ HK FY11

SaaS VM/Website security

Yes - all No No No

Page 10: SaaS

What does our solution do? Where does it fit? McAfee SaaS: Endpoint Protection

Smart protection through product integration• Automatic updates and upgrades• McAfee Global Threat Intelligence

Quick deployment to all users, regardless of location• Deploy over the Internet to save time and resources

Simplified management through an online console• Customize security policy• Analyze reports• Manage users from any web-browser

Industry’s First Integrated Security SaaS Solution

Page 11: SaaS

What does our solution do? Where does it fit? McAfee SaaS: Vulnerability Assessment

A Better Way to Protect your Network

Scan for vulnerabilities with actionable reporting• Daily perimeter and web application scanning• Benchmarked against the world’s most widely

adopted network perimeter standard

No hardware or software to deploy or maintain• Online service is easy to deploy• Includes tools and services Level 2-4 merchants

need to validate PCI compliance

Page 12: SaaS

What does our solution do? Where does it fit? McAfee SaaS: Web Protection

100% Cloud-based Deployment Reduces Complexity and Costs

Easy-to-use Online Management• Intuitive interface• Per-user policies and reporting

Web 2.0 Threat Protection• In-the-cloud Web filtering• Real-time reputation-based filtering• Transparent user authentication • Filtering for remote users• SafeSearch

Page 13: SaaS

What does our solution do? Where does it fit? McAfee SaaS: Email Protection

Comprehensive Email Security• Highest spam blocking• Patented worm and fraud defenses• Deep content and attachment inspection

100% Cloud-Based• Simplest deployment possible• Virtually “instant on” capabilities • No need to install hardware or software

Blocks over 99% of Spam In-the-Cloud

Page 14: SaaS

What does our solution do? Where does it fit? How it works - Evolution of Email Protection

Email UserMcAfee SEWS

Quarantine

Remote User

FirewallAppliance & Software

Server Software

CustomerEmail Server

Page 15: SaaS

Customer Benefits –why should I buy it?

Let’s focus on SaaS Email scanning – the most likely engagement in Australia today….but true of all SaaS

Having your email scanned in the cloud…..

• Mitigates complexity of risk• Drives risk further away from network/users• Frees resource for more critical security projects

• Gets rid of a huge burden/hassle• Less complaints/abuse from users• Platform agnostic• Easy/quick to set up

• For a fixed predictable cost (often, but not always OPEX)• Whilst lowering internal management costs• Delivering better protection lowers risk to brand• Freeing up peoples time - better use of internal resource

Page 16: SaaS

Qualifying Questions – how do I get the conversation started?

The reality – 40% will be open to SaaS, 40% will be frosty and 20% will be neutral

Key point – nearly 100% think they know all about it but most actually don’t really understand it

Before questioning, think laterally – indicators of potential good sales cycles:-

• What other SaaS do they use? A SalesForce client is going to be very open!• Are they outsourced/have they outsourced functions?• Are they under pressure to reduce CAPEX?• Are they resource constraint?• Do they view themselves as progressive with technology?• Have they bought software/hardware solutions in the past and seen them become redundant/ineffective..

Page 17: SaaS

Qualifying Questions Security related - Key questions

Area of key focus- can they honestly say they have the skill set, time and funding to be world experts in stopping some of the most sophisticated threats their organisationfaces? And why would they want to be as a Law Firm/Manufacturing firm etc

• How confident are you at being able to combat the rising threat to your organization via email and the web in the coming years?

• What service level/accuracy contractual commitments do you get from your current software/hardware provider?

• What are the most critical security project priorities for you over the coming 2 years? (we are looking for them not to say email and web – this is a resource angle)

Page 18: SaaS

Qualifying Questions Finance related - Key questions

Core motivations are minimizing unpredictable capexexpenditure and having a guaranteed outcome in relation to solving what are big risks to the organisation.

•How much control do you have over the cost of keeping your core communication tools up and running?

• To what extent is the organisation driven to reduce unpredictable capital expenditure?

• How ‘core’ to your businesses strategy do you consider the task of blocking SPAM and unwanted content from you network?

Page 19: SaaS

Qualifying Questions IT Admin related - Key questions

The key angle here is uncovering potential pain and frustration around what can be seen a menial task for a well qualifies IT professional

• What do you consider the most interesting and important areas of you role?

• How much time over the past years have you spent deploying, managing and troubleshooting in relation to email and web protection?

• If we could completely solve all the challenges you face in relation to stopping unwanted email content, how interested would you be in exploring how we can do this for you?

Page 20: SaaS

The pain – how do I handle objections?

We have millions of users, across some of the most risk averse organisations on our SaaS platform. Have confidence!

If 43% of ASX have adopted, there is good reason.

Trust of a third party – can you read my email etc etc?!?!• Response – do you encrypt all your email today?

– If not, then it is like sending a postcard in the post..– Bouncing around ISP’s, no SLA’s, anyone can read it– We are one more ‘hop’– For the split second we have the mail – safest part of journey– We scan in memory – don’t store unless they want us to

Page 21: SaaS

The pain – how do I handle objections?

Do I lose control over my traffic/environment?• Response – No. Secure online Portal allows complete control, management, policy, reporting, searching, trouble shooting

– One of our strongest areas is our intuitive management process and tools– There will always be a few customers who feel they have very bespoke requirements. If we can’t meet these – we stack up the benefits of SaaS vs potential downside and sell hard.

Will you add latency to my traffic?• Response – How long does it take you to send and receive email today?

– They will not know! It is different for all mail from all locations– Could be 2 seconds, could be 2 minutes – We take milliseconds to scan. Even if we added 10 seconds latency to an email, what business impact would it have?

Page 22: SaaS

Competition in Australia

Who are you most likely to come up against?

Firstly – the majority of clients will still be ‘in house’

• Use the SaaS vs In House proposition

SaaS Competition – you will mainly come across…

• MessageLabs (Symantec Hosted Services)• Websense• MailGuard (local Australian provider)• Webroot

Page 23: SaaS

How do I price it? – very easy

A 5-25 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-AA 41.40

B 26-50 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-BA 40.21

C 51-100 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-CA 39.02

D 101-250 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-DA 34.71

E 251-500 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-EA 31.23

F 501-1000 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-FA 27.81

G 1001-2000 MFE SaaS Email Prot 1:1 GL EPDECE-AA EPDECE-AA-GA 22.55

EPDMcAfee SaaS Email ProtectionLICENSE: Per User Email Account. DELIVERABLE: activation email only [Assurance]. PRODUCT CONTENT: Security-as-a-Service that scans and filters spam, viruses, worms and unwanted content in incoming email and filters outbound email.

Standard Offering1yr Subscription License with 1yr Gold Software Support

Example:- 500 users, SaaS Email Scanning, 12 months

500 x $31.23 = $15,615

That is it! Nothing extra, all 24x7 support and updates included

Page 24: SaaS

Single management console

Page 25: SaaS

Summary

• The market for SaaS security solutions is growing much faster than Software and Appliances

• We have a competitive swap out opportunity with nearly 4 out of 10 of all your customers in ANZ

• ANZ is one of the most mature markets for SaaS globally – a huge opportunity for us all. Your customers are buying now!

• Until this year, little focus and presence of SaaS outside the SaaS Endpoint Space in Australia

• Sydney and Auckland datacenters now fully live for Email and Web Scanning

• We have a great solution – deliver a great service to your customers and help them reduce their costs

Page 26: SaaS

McAfee Tools & Resources

McAfee SaaS Product SpecialistsSaaS Solution Brief, Datasheet, Articles,

Case StudiesSaaS Online Demos

• http://mxlogic.com/sales/eds/demo1.htm

• www.mcafee.com/tpdemo

• www.mcafee.com/scdemo

• www.mcafee.com/tpinstall

• www.mcafee.com/tp_dashboard

SaaS Total Cost of Ownership Calculator• http://tco.mcafeesaas.com/

Page 27: SaaS

SaaS Next steps and Resources

So easy to create a compelling event through a Trial

Available on all SaaS solutions

SaaS Lead APAC – Richard Bowman+6594888186

www.mcafee.com/saas

Page 28: SaaS