As business security breaches grow ever more common, it’s proving absolutely vital for a company to effectively monitor, diffuse and protect against potential security infrastructure weaknesses. Yet as the past year has shown, many organizations fail to recognize the signs of a possible breach before it’s too late — often due to a surplus of data and an inability to organize that data into digestible information.
California-based IT security software vendor Netwrix equips businesses to better manage their security and compliance through its change auditing software. In this Q&A with Netwrix CEO Michael Fimin, we talk about how the company’s change auditing tool — Netwrix Auditor — offers improved visibility of IT processes to help companies of all sizes protect against security and compliance threats.
HEADQUARTERS: Irvine, CA
In 2006, Alex [Vovk, co-founder and COO of Netwrix] and I were working at Quest Software, a large enterprise IT software company, and we decided to try and create our own company [since] we knew a lot about the IT security industry. We didn’t [rely on] any investment money, we just started growing incrementally step by step, focusing mainly on the IT security space within the Microsoft IT environment.
Originally we didn’t have any clear ideas on what kind of product we should create, so we started with some basic entry-level tools for IT professionals. It took three or four years before we figured out what [products] would be of the most interest to our customer base and started to focus extensively on IT security. The direction we chose was security auditing software, which allows companies to gain complete visibility into what is happening in their IT infrastructure. We decided that we should pick one direction and focus on delivering the best possible quality, instead of doing several things at the same time and delivering average-quality products.
We decided to create a solution that delivered the same functionality [as the existing products in the space], but in an easier, more convenient way that would not require significant training or personnel to maintain. Netwrix Auditor is something that you install yourself and can get up and running with in less than an hour. [That ease of use] was — and still is — our main value proposition.
It’s all based around the word change. You can’t keep static all of your running systems, your email, your files, your databases — you have to change them on an almost daily basis. As you change things, sometimes you change them for the better, and sometimes you change them for the worse. If you change something that breaks some of your systems, you end up having downtimes and lost productivity.
Sometimes it can get even worse, if you change access rights and give unnecessary rights to people who are not supposed to have access, [which could cause] a security breach or a compliance problem. The healthcare industry is the perfect example: when people go to a hospital, they provide their personal data [which is protected by HIPAA]. If that data gets exposed because of incorrect access rights, you are subject to significant fines.
Our product helps [by providing] visibility into what is happening, which can enable early detection of all such situations. You can review when somebody grants access rights to another person [to make sure] it has a justifiable business purpose and wasn’t done accidentally or by someone intentionally trying to break the system.
The main feature of 6.5 is focused around data-access governance. Netwrix is really good at auditing and tracking changes in configuration, and now we’re moving toward answering critical questions such as who has access to what data. Data-access governance allows you to do reviews regularly and easily, and to clearly see who has access to what.
In addition to auditing consolidation, the platform also provides a single pane-of-glass view that shows statistical data, what is changing, what access rights were given, which systems are the most active and which users are the most active.
Our free tools provide a great opportunity for startup companies and smaller companies to explore the benefits of our technology without paying anything. Even if a company is small, it has the same issues and challenges as a large enterprise. But unlike large enterprises, [smaller companies] are very tight on budget. Our free tools allow them to start maintaining the security of their sensitive data, and they can upgrade to the paid version as their business grows and needs more functionality.
We are seeing different examples [of how our customers decide whether to opt for the freemium model]. If a customer has a budgeted project, they typically start with a free trial. Those who don’t have a budget or don’t know whether they have a need but are interested in trying out the technology without any commitments typically start with the freeware. Some use the freeware for an extended period of time and never upgrade to the paid version, because it’s a quality product that allows users to accomplish and improve their workflows.
Our technology is very scalable, and it works almost equally well in a small business and in a large enterprise. We have customers anywhere from 50 employees up to several hundred thousand employees. There’s almost no difference whether you have a small number of employees or a really large number. We cater to the needs of companies of all sizes.
Those high-profile enterprises help us to get our name out there and allow us to build more credibility. Then smaller companies look at us and say, “If some big name uses this product, then it’s probably a credible product,” and we gain more trust [with our users].
The perception is that a lot of IT management and IT security products are pricey and require expensive professional services or expensive IT staff. But Netwrix Auditor is simple, efficient and affordable. It works right out of the box and doesn’t require extensive effort to get up and running. We also have a highly modular pricing structure, so you can pick only the solutions that you need; you don’t have to buy the whole product. What’s more important [with this structure] is that you pay for only what you need. If you need more functionality in the future — if you need to cover more types of systems and gain better visibility — you don’t have to go to another vendor, because we have it all.
One of our main benefits is great coverage. We support a lot of different types of systems, which the majority of our competitors don’t offer. Our competitors usually have point solutions, where you might buy one product for one company and then have to shop for another product to deal with another vendor. In our case, Netwrix Auditor is a one-stop platform, so you just add components to it. It’s also very simple to use, and you don’t need extended training or to hire additional personnel.
We surveyed 800 IT professionals across more than 30 industries. The majority of [respondents] were small to midsize businesses, and 62 percent stated that they had encountered security breaches in their IT infrastructure. We keep hearing about all these security breaches like Home Depot, Target and J.P. Morgan in the news — and small and midsize businesses are having the exact same problems.
At the same time, more than half of the companies surveyed enforce their security policies by implementing either a SIEM (Security Information and Event Management) solution or another auditing solution. Even most of those who used a SIEM solution said the solution generated too much noise data, and that it was not easy to make any useful analyses or actionable intelligence.
If we look at some of the breaches that have happened in the last 12 months, including the most famous Target breach, [these companies] had an auditing solution in place but were not using the data. Our survey pretty much reflects that [scenario]: companies have a SIEM product, but it generates so much noise that it makes the data hard to analyze. The data is not complete and the reports are difficult to understand, and those pieces of information do not give the complete picture.
Our solution is different. Netwrix Auditor is not a SIEM, but it’s an auditing solution that can integrate with SIEM technology and provides functionality that in certain cases is better than SIEM. We can integrate with major vendors like HP ArcSight, Splunk and IBM QRadar, and the data that we collect can be pushed into those systems. But at the same time, smaller companies who have never had a SIEM product can use our auditing product as a standalone solution. In both cases, the company wins. If they use Netwrix Auditor as a standalone product, they get easy-to-use functionality that addresses their security needs; if they already have a SIEM solution from a larger vendor, they can make that solution better.
A change and configuration auditing product like Netwrix Auditor reduces the noise. The solution clearly shows what is happening, so you don’t have to dig through all of your audit trails and event logs trying to re-create the picture manually — the solution automates that process. [A change auditing product] does not just provide the audit trails collected from different types of systems; it provides pre-correlated, high-quality audit data that is actionable.
Our vision is to continue expanding visibility not only into what is changing but also into how data is being used and what you can do to make that data more secure, so you don’t have any security breaches or compliance violations.
To accomplish that vision, we’re moving in two different directions that are parallel to each other. One [direction] is expanding the reach into systems like cloud-based services such as Microsoft Office 365, Salesforce.com and Google Apps, because [these tools] are starting to become the new standard in the way businesses process and store their data. The second direction is that we want to combine change and configuration auditing with data-access governance so that [users] have a full understanding of what is changing, what is currently in place and what actions should be taken in order to protect data from breaches.
Looking to learn more about Netwrix and other top IT management tools? Check out our array of free downloadable top IT management software comparison reports for a comprehensive overview of the IT management software industry. You can also check out our other Behind the Software exclusive interviews by visiting the Business-Software.com blog homepage.