Behind the Software Q&A with Netwrix CEO Michael Fimin
As business security breaches grow ever more common, it’s proving absolutely vital for a company to effectively monitor, diffuse and protect against potential security infrastructure weaknesses. Yet as the past year has shown, many organizations fail to recognize the signs of a possible breach before it’s too late — often due to a surplus of data and an inability to organize that data into digestible information.
California-based IT security software vendor Netwrix equips businesses to better manage their security and compliance through its change auditing software. In this Q&A with Netwrix CEO Michael Fimin, we talk about how the company’s change auditing tool — Netwrix Auditor — offers improved visibility of IT processes to help companies of all sizes protect against security and compliance threats.
To start, can you tell us how the idea for Netwrix first came about? Has the Netwrix company mission changed at all, now that 8 years have passed since its founding?
HEADQUARTERS: Irvine, CA
In 2006, Alex [Vovk, co-founder and COO of Netwrix] and I were working at Quest Software, a large enterprise IT software company, and we decided to try and create our own company [since] we knew a lot about the IT security industry. We didn’t [rely on] any investment money, we just started growing incrementally step by step, focusing mainly on the IT security space within the Microsoft IT environment.
Originally we didn’t have any clear ideas on what kind of product we should create, so we started with some basic entry-level tools for IT professionals. It took three or four years before we figured out what [products] would be of the most interest to our customer base and started to focus extensively on IT security. The direction we chose was security auditing software, which allows companies to gain complete visibility into what is happening in their IT infrastructure. We decided that we should pick one direction and focus on delivering the best possible quality, instead of doing several things at the same time and delivering average-quality products.
When you decided to focus on security auditing, did you see a certain need that wasn’t being addressed within the IT security space?What’s interesting is that the space [of security auditing] wasn’t new; it was pretty well defined at the time. Yet the products that were out there were not perfect; some of them were too bulky, and some of them required a lot of training effort and resources.
We decided to create a solution that delivered the same functionality [as the existing products in the space], but in an easier, more convenient way that would not require significant training or personnel to maintain. Netwrix Auditor is something that you install yourself and can get up and running with in less than an hour. [That ease of use] was — and still is — our main value proposition.
For those of our readers unfamiliar with the topic, can you describe the purpose of change and configuration auditing tools, as well as their value in today’s data- and technology-driven world?
It’s all based around the word change. You can’t keep static all of your running systems, your email, your files, your databases — you have to change them on an almost daily basis. As you change things, sometimes you change them for the better, and sometimes you change them for the worse. If you change something that breaks some of your systems, you end up having downtimes and lost productivity.
“Our product provides visibility into what is happening, which can enable early detection.”
Sometimes it can get even worse, if you change access rights and give unnecessary rights to people who are not supposed to have access, [which could cause] a security breach or a compliance problem. The healthcare industry is the perfect example: when people go to a hospital, they provide their personal data [which is protected by HIPAA]. If that data gets exposed because of incorrect access rights, you are subject to significant fines.
Our product helps [by providing] visibility into what is happening, which can enable early detection of all such situations. You can review when somebody grants access rights to another person [to make sure] it has a justifiable business purpose and wasn’t done accidentally or by someone intentionally trying to break the system.
What are some of the standout features in the recently released Netwrix Auditor 6.5?
The main feature of 6.5 is focused around data-access governance. Netwrix is really good at auditing and tracking changes in configuration, and now we’re moving toward answering critical questions such as who has access to what data. Data-access governance allows you to do reviews regularly and easily, and to clearly see who has access to what.
In addition to auditing consolidation, the platform also provides a single pane-of-glass view that shows statistical data, what is changing, what access rights were given, which systems are the most active and which users are the most active.
Can you tell us more about the freeware tools that Netwrix offers? When do you see users opting for the freemium model as opposed to the paid version?
Our free tools provide a great opportunity for startup companies and smaller companies to explore the benefits of our technology without paying anything. Even if a company is small, it has the same issues and challenges as a large enterprise. But unlike large enterprises, [smaller companies] are very tight on budget. Our free tools allow them to start maintaining the security of their sensitive data, and they can upgrade to the paid version as their business grows and needs more functionality.
We are seeing different examples [of how our customers decide whether to opt for the freemium model]. If a customer has a budgeted project, they typically start with a free trial. Those who don’t have a budget or don’t know whether they have a need but are interested in trying out the technology without any commitments typically start with the freeware. Some use the freeware for an extended period of time and never upgrade to the paid version, because it’s a quality product that allows users to accomplish and improve their workflows.
You count some pretty high-profile enterprises (PepsiCo, NASA, Walt Disney Pictures) as customers of Netwrix. What would you say has contributed to your success with such a large number of companies that are known for being household names?
Our technology is very scalable, and it works almost equally well in a small business and in a large enterprise. We have customers anywhere from 50 employees up to several hundred thousand employees. There’s almost no difference whether you have a small number of employees or a really large number. We cater to the needs of companies of all sizes.
Those high-profile enterprises help us to get our name out there and allow us to build more credibility. Then smaller companies look at us and say, “If some big name uses this product, then it’s probably a credible product,” and we gain more trust [with our users].
IT Management platforms have traditionally been perceived as expensive, time-consuming and labor-intensive. How does Netwrix defy these stereotypes?
The perception is that a lot of IT management and IT security products are pricey and require expensive professional services or expensive IT staff. But Netwrix Auditor is simple, efficient and affordable. It works right out of the box and doesn’t require extensive effort to get up and running. We also have a highly modular pricing structure, so you can pick only the solutions that you need; you don’t have to buy the whole product. What’s more important [with this structure] is that you pay for only what you need. If you need more functionality in the future — if you need to cover more types of systems and gain better visibility — you don’t have to go to another vendor, because we have it all.
One of our main benefits is great coverage. We support a lot of different types of systems, which the majority of our competitors don’t offer. Our competitors usually have point solutions, where you might buy one product for one company and then have to shop for another product to deal with another vendor. In our case, Netwrix Auditor is a one-stop platform, so you just add components to it. It’s also very simple to use, and you don’t need extended training or to hire additional personnel.
You just released the results of the 2014 Netwrix SIEM Efficiency Survey Report, which provides eye-opening stats on the prevalence of security breaches to IT infrastructures. What are some of the survey’s most important takeaways for today’s businesses?
We surveyed 800 IT professionals across more than 30 industries. The majority of [respondents] were small to midsize businesses, and 62 percent stated that they had encountered security breaches in their IT infrastructure. We keep hearing about all these security breaches like Home Depot, Target and J.P. Morgan in the news — and small and midsize businesses are having the exact same problems.
At the same time, more than half of the companies surveyed enforce their security policies by implementing either a SIEM (Security Information and Event Management) solution or another auditing solution. Even most of those who used a SIEM solution said the solution generated too much noise data, and that it was not easy to make any useful analyses or actionable intelligence.
“If we look at the [recent] breaches, these companies had an auditing solution in place but weren’t using the data.”
If we look at some of the breaches that have happened in the last 12 months, including the most famous Target breach, [these companies] had an auditing solution in place but were not using the data. Our survey pretty much reflects that [scenario]: companies have a SIEM product, but it generates so much noise that it makes the data hard to analyze. The data is not complete and the reports are difficult to understand, and those pieces of information do not give the complete picture.
Our solution is different. Netwrix Auditor is not a SIEM, but it’s an auditing solution that can integrate with SIEM technology and provides functionality that in certain cases is better than SIEM. We can integrate with major vendors like HP ArcSight, Splunk and IBM QRadar, and the data that we collect can be pushed into those systems. But at the same time, smaller companies who have never had a SIEM product can use our auditing product as a standalone solution. In both cases, the company wins. If they use Netwrix Auditor as a standalone product, they get easy-to-use functionality that addresses their security needs; if they already have a SIEM solution from a larger vendor, they can make that solution better.
How can an auditing tool like Netwrix Auditor help address these points of weakness?
A change and configuration auditing product like Netwrix Auditor reduces the noise. The solution clearly shows what is happening, so you don’t have to dig through all of your audit trails and event logs trying to re-create the picture manually — the solution automates that process. [A change auditing product] does not just provide the audit trails collected from different types of systems; it provides pre-correlated, high-quality audit data that is actionable.
Where do you see the future of change and configuration auditing headed? Are there any new capabilities Netwrix is currently working on that users can expect to see released in the near future?
Our vision is to continue expanding visibility not only into what is changing but also into how data is being used and what you can do to make that data more secure, so you don’t have any security breaches or compliance violations.
To accomplish that vision, we’re moving in two different directions that are parallel to each other. One [direction] is expanding the reach into systems like cloud-based services such as Microsoft Office 365, Salesforce.com and Google Apps, because [these tools] are starting to become the new standard in the way businesses process and store their data. The second direction is that we want to combine change and configuration auditing with data-access governance so that [users] have a full understanding of what is changing, what is currently in place and what actions should be taken in order to protect data from breaches.
Looking to learn more about Netwrix and other top IT management tools? Check out our array of free downloadable top IT management software comparison reports for a comprehensive overview of the IT management software industry. You can also check out our other Behind the Software exclusive interviews by visiting the Business-Software.com blog homepage.