Welcome!

@CloudExpo Authors: Yeshim Deniz, Pat Romanski, Elizabeth White, Zakia Bouachraoui, Liz McMillan

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Article

CloudPassage: "Only Security Platform Purpose-Built for Cloud"

Company VP Joerg Rathenberg Interviewed at Cloud Expo

CloudPassage delivers a server security platform that's been "purpose-built for the cloud," according to the company. I spoke at Cloud Expo with Joerg Rathenberg, the company's VP of Marketing. Joerg was with IBM early in his career, "helping to build a new IBM in Eastern Europe as the cold war came to an end," he says.

Today, he focuses on CloudPassage's Halo product, which provides automated vulnerability management, compliance monitoring, network access control, server account administration, and security event alerting through REST APIs in all types of cloud environments.

"CloudPassage is securing cloud servers on the IAAS level," he told me. "Any company that runs its servers in the cloud will need to secure these servers, and CloudPassage will help them do this in an automated and scalable way."

Me: And delivered as SaaS, right?

Joerg: Yes, being a true cloud player, of course our product is delivered as Software-as-a-Service. Pricing is on a utility model - pay as you go - although as you know, we offer a free version as well.

Me: So what sort of customer engages initially with the free version? And how do you convince them to upgrade?

Joerg: The main group of people signing up are the ones responsible for running the cloud servers. In medium and small companies, these can be part of the development team, typically run by DevOps, SysAdmins and others.

In enterprises, often the Business Units go and subscribe to their own cloud servers for development. Here it is often the developers, product managers or product architects who come and sign up for Halo Basic, our freemium product, which is available for up to 25 servers without time limitation. They don't need a credit card or sign contracts, and they can secure their servers within a few minutes.

The upgrade to Halo Professional happens when companies start running more than 25 servers in the cloud. Other features include a very comprehensive API, and full access to two years' worth of detailed security log data. This is important to those companies with compliance requirements like PCI, HIPAA, and others.

Me: What sorts of security and related technical burdens do you eliminate for your customers? And how do you provide them the control they need?

Joerg: Companies go to the cloud to take advantage of economies of scale and flexibility. So, if an e-Tailer does not need the 500 additional cloud servers that the used to get through the holiday season, they simply turn them off and don't have to pay for them any longer.

Any company that subscribes to an Amazon EC2, Rackspace, Terremark, Gogrid or other cloud server solution is sharing the responsibility of securing their cloud servers. The problem is that traditional security systems don't support the architectural challenges and elastic capabilities of the cloud. CloudPassage Halo is the only cloud infrastructure platform expressly designed for the cloud and delivered as a service.

Me: How flexible is this, really?

Joerg: Using Halo, our customers can move their servers from one provider to another anytime they want - such as, if it's cheaper for them to do so - and retain their security. They can scale up and down, automatically deploy thousands of servers and be assured that they are secure. It doesn't matter if these servers are located in the public, private or hybrid cloud.

(Additionally,) a "single pane of glass" allows them to manage their entire cloud infrastructure from one central place. Security functionality includes host-based firewalls, vulnerability scanning, account management, two-factor authentication, and more.

Me: Revisiting an earlier question, then, what sorts of companies - by vertical markets and size - benefit the most from CloudPassage? Put another way, are there any limits to the type of customer that can succeed with your company?

Joerg: Because Halo is delivered as a service hosted in the cloud, it is infinitely scalable. At this stage, a lot of our customers come from business models that are leveraging the cloud. In particular SaaS providers are a perfect match.

Me: Oh, I see...

Joerg: For example, companies like Zappos, Foursquare, Avatar NewYork, ExoIS and others are investing in could deployments and rely on Halo for securing their infrastructure.

Three business models are particularly prominent: App Development - Development shops, integrators, but also Enterprise BU's who need fast, inexpensive and agile environments and need to protect their IP; Permanent App Hosting - these are the SAAS providers, social media and gaming companies that require scalable, elastic computing; Temporary Elastic Workloads - retail, life science, financial services and media companies with seasonal or project-driven spikes who need to protect their IP and their big data deployments.

Me: How do you continue to improve Halo? That is, how much do you learn from your customers? How much additional research are you doing to ensure continuous improvement?

Joerg: We are working closely with a number of Lighthouse customers for different use cases. As an agile development shop we rely on beta programs and are able to react quickly. We also rely on primary research - just  in the process of wrapping up a survey administered to several thousand IT professionals, where we are testing for their cloud plans and their preferences."

Me: What are the Three Big Reasons a company should engage with CloudPassage?

Joerg: First, to remain competitive, companies have to invest in cloud technology today. CloudPassage has everything they need to secure their cloud servers.

Second, to this point CloudPassage offers the only security platform available, that is purpose-built for the cloud and delivered as a service.

Third, we understand that security is one of the main inhibitors for massive cloud deployment. So CloudPassage makes cloud security fast, simple and automated so that companies can leverage the elasticity and the economics of the cloud today.

Follow me on Twitter

More Stories By Roger Strukhoff

Roger Strukhoff (@IoT2040) is Executive Director of the Tau Institute for Global ICT Research, with offices in Illinois and Manila. He is Conference Chair of @CloudExpo & @ThingsExpo, and Editor of SYS-CON Media's CloudComputing BigData & IoT Journals. He holds a BA from Knox College & conducted MBA studies at CSU-East Bay.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure for today even as you're forecasting for tomorrow.
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical Infrastructure as a Service cloud provider but it's been designed around data privacy," explained Julian Box, CEO and co-founder of Calligo, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leading global enterprises use Isomorphic technology to reduce costs and improve productivity, developing & deploying sophisticated business applications with unprecedented ease and simplicity.
While a hybrid cloud can ease that transition, designing and deploy that hybrid cloud still offers challenges for organizations concerned about lack of available cloud skillsets within their organization. Managed service providers offer a unique opportunity to fill those gaps and get organizations of all sizes on a hybrid cloud that meets their comfort level, while delivering enhanced benefits for cost, efficiency, agility, mobility, and elasticity.