OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com

StillSecure CTO Mitchell Ashley on Securing the Desktop

StillSecure CTO Mitchell Ashley on Securing the Desktop

"I think it's a dirty secret in network security that while we've all been locking down the perimeter, the real danger was with the end user," StillSecure CTO Mitchell Ashley told the E-Commerce Times. "Someone could have a laptop that was compromised long ago and they didn't know it, and suddenly they're in your office, plugging into your network. That's scary."

By Elizabeth Millard E-Commerce Times ECT News Network
04/20/04 3:59 AM PT

Recently, a seemingly endless string of worms and viruses has focused attention on the sometimes-questionable security of firewalls, virtual private networks (VPNs) and even the Internet itself. Network security software provider StillSecure aims to tackle the security issue at the desktop, a level that is often overlooked. With its new Safe Access product, the company believes it will make a splash in the endpoint security pool.

StillSecure CTO and vice president of engineering Mitchell Ashley spoke with the E-Commerce Times about the sophistication of today's attacks, and why they need to be addressed at every level.

E-Commerce Times: There are so many security products on the market right now. What attributes set Safe Access apart from the others?

Mitchell Ashley: We have the approach that if you take the right functionality and package it in a good way and then make it cost effective, that's rare. You certainly see many products that have the latest and greatest technology Visit the VMware Tech Center, and you also see products that have a low cost. But you don't often see the two combined. We try to drive the middle point, to have a security solution for the masses. That's where we spend a lot of time.

ECT: How does Safe Access fit in with your other products?

Ashley: It fits into three product families that we currently have. First is a management system that does scanning but has more of an emphasis on vulnerability lifecycle. The next is a verification product that makes sure vulnerabilities are taken care of. And it also fits in with our Border Guard product, which is an intrusion detection system that identifies malicious traffic and offers different blocking methods. Safe Access fits into this picture because it offers a third layer of protection -- to make sure a company has no vulnerabilities at the endpoint level.

ECT: Why is endpoint security important, if there are other security layers being implemented?

Ashley: It's becoming increasingly important because we've seen attacks recently that are different than attacks in the past. These viruses and worms are targeting the end user. They target specific tasks that an end user would do, like open a .zip file or click on an e-mail attachment that's supposed to download a security patch. These are behaviors that we want them to do, so they've become automatic. But when these same behaviors are the way that viruses get put on a network, that's dangerous. It means that the end user has become the weak link in the chain.

It isn't even that we've left open the front door or the back door. It's that we've locked the front door only to find out that the house has no back wall.

ECT: Do you think companies aren't doing enough to strengthen that weak link?

Ashley: Definitely not. I think it's a dirty secret in network security that while we've all been locking down the perimeter, the real danger was with the end user. And it's an increasing problem, because you have more and more people getting onto a network from other locations like home or hotel rooms. And they're using different kinds of devices.

Someone could have a laptop that was compromised long ago and they didn't know it, and suddenly they're in your office, plugging into your network. That's scary.

ECT: With these new threats, do you think there will be more focus on endpoint security in the near future?

Ashley: I think you're seeing a lot more people talking about it now, and there's a growing realization of how big a problem it really is. There are a number of existing technologies that touch on the threat and address it in some way, like some appliance management and personal firewalls. But nothing really addresses the endpoint in terms of making it a security layer that needs to be defended.

However, I do think that will change. You're starting to see companies like Zone Labs and Check Point looking at the problem, and when the big players in the market are paying attention, change is on the way.

ECT: Why do you think that current endpoint offerings aren't up to the task right now?

Ashley: What's on the market now is like a Band-Aid. It addresses the problem, but not at the level that it should. Companies need to make sure that devices are safe and compliant, and do this with a level of staff involvement.

ECT: It seems that proper security training for staff has also become an issue. How will more endpoint products address that challenge?

Ashley: Up until now, the end user knew that a company had a security policy, and that they were required to follow it. But it was on an honor system as to whether the employees actually read the policy and whether they followed it.

For example, if a policy says that an employee is required to have antivirus software installed at home for when they access the company network remotely, who would be in charge of checking to make sure they have it? The IT department isn't going to show up at an employee's house and look at their computer to make sure they're compliant with the policy.

With endpoint software, there's finally a way to implement policy. Also, there's a checkpoint where you can scan an employee's computer before they get on the network to make sure they're compliant. The next step is enforcement, and that can be done on an ongoing basis. So, when they're on the network, an alert can come up whenever they try to download something. When you add reporting to that, so that security personnel know what's going on, then you have a systematic way to make sure that a network is protected at the desktop level.

ECT: How do you think a rise in endpoint security products would affect the security market?

You'll see existing companies turn their focus toward endpoint security, as well as see some new players enter the market. Every security firm is going to have to take a look at this area.

After talking to customers, I've come to understand that this isn't something the market is just creating on its own. There isn't a push to create endpoint security without a need in the marketplace. This is something customers have been asking for and wanting for some time. It may be a new aspect of enterprise security, but it's being driven by customers. It'll be a fast-moving market once it really gets going.


Facebook Twitter LinkedIn Google+ RSS