Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Two glimmers of hope for enterprise security

Eric Knorr | July 23, 2014
Will the endless stream of security compromises ever stop? No single security product can deliver salvation, but two new solutions, PingID and Tanium, show real promise.

Enterprise security has become the breach-of-the month club. No wonder the pipeline of new security solutions runneth over, promising salvation in the form of APT detection, new encryption schemes, malware early-warning systems, next-generation firewalls, sneaky employee monitoring software, and a whole lot more.

Whether or not such security tools make a dent in the problem -- most security disasters result from sloppy practices -- the demand seems limitless. InfoWorld's own 2014 survey saw a rise from 71 to 84 percent year over year in the number of IT respondents who declared security a "critical or very important" investment priority. Organizations are in a desperate search for technology to correct a security situation that has spun way out of control.

People who understand IT know there can be no magic bullets. But recently I've come across a couple of inventive solutions that stand out from rest.

The first is being announced today: PingID from Ping Identity, a firm that has been a pioneer in enterprise identity management. With PingFederate, it offered one of the first federated identity management solutions; with PingID it hopes to replace passwords -- as well as key fobs and smart cards -- with a two-factor authentication smartphone app. To start working, users sign on to the PingOne cloud service, which sends a one-time token to the app. Users then simply slide a big red button on the smartphone app to gain access to their work applications and services.

Makes sense, doesn't it? For most people, their smartphone is as indispensable as their keychain. Why shouldn't a smartphone be at the center of identity? And the user experience is simplicity itself (see "Ping Identity wants to replace sign-ons with smartphones" for details.)

Another intriguing solution, Tanium, applies highly original search techniques to interrogating endpoints across the enterprise. Most successful attacks occur when individual users download malware or malicious hackers poke their way through unpatched software. Tanium can obtain a near-real-time view of hundreds of thousands of endpoints to detect anomalies and determine which software lacks the latest patches -- and roll all of this into a dashboard view.

According to the company, the solution scales to half a million endpoints and you run use simple English queries across that infrastructure -- such as "show me all systems running Java 1.6" -- and get answers in seconds. To anyone who knows system administration, this sounds crazy, since it can take days to get such answers using conventional tools. The magic is performed by passing compressed messages from client to client, in what Tanium calls a "linear peer-to-peer" architecture, rather than the usual hub-and-spoke architecture employed by system management tools.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.