English   Deutsch   Русский   中文    

News from the Analyst Summit in London

Jun 06, 2011 by Sachar Paulus

Every Summer, Eskenzi PR organizes the IT security analyst and CISO forum. It basically consists of one-on-one meetings between vendors and analysts and round table discussions between vendors, analysts and end-users, typically CISOs. And the event this year was excellent!

The quality and density of information is quite high, and it allows to grasp trends, both on the vendor as well on the end-user side, quite well in a highly condensed format. So: an ideal opportunity to review a number of technology trends.

Here are a few insights of the event I want to share with my followers. This list is not exhaustive and represents my personal view on the products discussed, and obviously this is not an objective analyst review as it should be. Nevertheless, it might give you some fruit for thought...

  • Regarding Cloud Security, there is always the discussion how to secure the information in the Cloud against the Cloud service provider, in case one might not trust him. Safenet has introduced the concept of pre-boot authentication, well known from Laptop security, to secure virtual machine images in the Cloud. A pretty neat idea - we will see how it will evolve, esp. because it of course uses a proprietary format (as all device encryption software manufacturers do).
  • You don't know where your devices are? What is part of the standard for iPhones, now comes for all mobile IT devices, including Laptops of any kind: location services, including remote destruction, and even selected data retrieval. And the best: the solution is preinstalled in the BIOS of most manufacturers, so just turn on an the security is there. Great, because very pragmatic, solution. Go and visit Absolute Software's portfolio.
  • Standard IRM solutions - and for those not reading my blog regularly, I believe this is a necessary technology for a Secure Cloud usage - are missing the identification and classification means for data to be protected, and thus leave the use alone with that mess. Secure Islands, a small innovative vendor from Israel, provides the solution: it re-uses standard IRM, but integrates nicely into e-mail suites, browsers and local programs. The Secure Islands solution really boosts the usage of IRM because of the high simplicity.
  • Knowing where your data is - and who actually accesses it - is an important prerequisite for secure data management and access management in general. A totally different approach than we usually see is the one followed by Varonis, who enable IT people to discover - and track, if necessary - where the data is that people are using. And this across all shares, web content management systems, ftp servers and alike. Monitor who actually accessed a specific folder with insider information in the last 4 weeks? This information is just a few clicks away. Interestingly, most customers are buying the solution not because of security needs, but for optimizing storage concepts and their implementation.
  • It just happened again this morning: a certificate expired, and I had this damned popup saying that I cannot trust a specific web site any more. I cannot really do anything about it and I blame the web site owner for not keeping its certificates up to date. Venafi takes care about this problem, and helps you manage the thousands of certificates and key pairs that are in use in a professional IT environment.
These are only a few of those companies I have seen, and of course there are more, that do a great Job such as Lieberman Software, Imperva of M86Security.

Overall, one might identify a trend: more and more vendors respond to the demand of end-users that preventive controls are nice and if doable and affordable they are the best one can do, but in the meantime it is necessary to manage the insecurity, so a lot of products focus on more transparency and thus helping at least knowing what is going on - right or wrong.


Author info

Sachar Paulus
Scientific Advisor
Profile | All posts
KuppingerCole Blog
KuppingerCole Select
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live training sessions.
Register now
Customer-Centric Identity Management
As more and more traditional services move online as part of the digital transformation trend, consumer-centric identity management is becoming increasingly vital business success factor. Customers aren’t just physical persons, they are also the devices used by customers, they are also intermediate organisations and systems which operate together to enable the provisioning of the service.
KC EXTEND shows how the integration of new external partners and clients in your IAM can be done while at the same time the support of the operational business is ensured.
 KuppingerCole News

 KuppingerCole on Facebook

 KuppingerCole on Twitter

 KuppingerCole on YouTube

 KuppingerCole at LinkedIn

 Our group at LinkedIn

 Our group at Xing
Imprint       General Terms and Conditions       Terms of Use       Privacy policy
© 2003-2016 KuppingerCole