The enhancements both offer lower price points to appeal to the lower end of the Atmosera TAM, and improve visibility to appeal to larger customers.
Portland OR-based Atmosera, a Tier-I Microsoft Cloud Solution Provider (CSP), has announced the expansion of both its managed information security and its compliance solutions, in order to provide a broader range of offerings that can better meet specific business needs, and provide more consultative solutions.
While Atmosera has been around for over two decades, they pivoted their business when they decided to focus exclusively on offerings for the Microsoft Azure cloud, which still has considerably less attention from solution providers than the longer-tenured AWS. Atmosera made the decision to commit their future to Azure when the platform was in its very early days. Over the last two years, they productized many pre-configured solutions around specific use cases on Azure, including archive, backup, disaster recovery, and cloud migration. Two months ago, they formally rolled all of these out as formal Azure Managed Services SKUs.
The new announcement is all about providing a more diverse set of security and compliance offerings.
“We are changing what had been something of a cookie cutter approach of getting everyone into the same type of security and compliance solutions, to one that is specifically addressed at meeting specific business needs,” said John Trembley, Atmosera’s CMO. “It’s a small change to allow us to be more consultative, and increase operational effectiveness.”
“We were originally approaching the market with a one-size-fits-all approach, and realized that it wasn’t the best suited to customers’ needs or their budgetary requirements,” said Ray Espinoza, Atmosera’s Vice President of Information Security & Chief Information Security Officer. Thus, while previously they offered a single PCI DSS compliance solution, they are now providing HIPAA solutions as well as others which provide a higher degree of visibility.
The new portfolio also has a broader range of price points, to open up more to the lower part of the market for enterprise grade solutions.
“We have tried to provide more entry points to better deal with those customers who want to improve their capabilities, without going to the highest levels of our capabilities,” Trembley said. “We are trying to make that journey a little easier for them. While we are also looking to improve visibility and operational effectiveness for our existing customer base, this improved flexibility will also allow customers who might not have been able to afford this before to consider us.”
“Some compliance regulations, like HIPAA, are more guideline related, while others like IRS 1075 have hundreds of specific controls,” Espinoza said.
Tremblay noted that as Atmosera continues to build on their Microsoft capability, compliance is the area that has grown most rapidly.
“Last year, it was 50 per cent of our deals,” he said. “That and the need higher levels of security led us to bring Ray on board and expand our portfolio.”
Espinoza said that while there is a clear heightened awareness in the market that security is important, most customers still need a lot of guidance.
“These tend to fall into two buckets,” he said. “One is people who think the public cloud is secure and there is nothing to worry about. This is really a reversal of the position until recently where people worried the cloud was not secure. Now they tend to no longer worry that the cloud is higher risk, but they think it’s not risky at all, and that’s not the case. In particular, they don’t know that most of the breaches are at the edge, not in the cloud itself. There is a lot of education to be done there.”
The second bucket is on the compliance side.
“These are the customers who look for the lowest investment they can get away with, and still be compliant,” Espinoza said.
“Azure has tools, but it is still not where you want to be from a security perspective,” he said. “We have invested quite a lot in these.”
The enhanced monitoring also allows Atmosera to close deals with larger companies.
“We will be able to stand behind higher SLA on response times,” he said. “You just don’t get the monitoring capabilities with the large public clouds and their response times are long.”