May
11
2021
--

Jamf snags zero trust security startup Wandera for $400M

Jamf, the enterprise Apple device management company, announced that it was acquiring Wandera, a zero trust security startup, for $400 million at the market close today. Today’s purchase is the largest in the company’s history.

Using a set of management services for Apple devices, Jamf provides IT at large organizations. It is the leader in the market, and snagging Wandera provides a missing modern security layer for the platform.

Jamf CEO Dean Hager says that Wandera’s zero trust approach fills in an important piece in the Jamf platform tool set. “The combination of Wandera and Jamf will provide our customers a single source platform that handles deployment, application lifecycle management, policies, filtering and security capabilities across all Apple devices while delivering zero trust network access for all mobile workers,” Hager said in a statement.

Zero trust, as the name implies, is an approach to security where you don’t trust anybody regardless of whether they are inside or outside your network. It requires that you force everyone to provide multiple forms of authentication to prove their identity before they can access company resources.

The need for a zero trust approach became even more acute during the pandemic when employees have often been working from home and have needed access to applications and other company resources from wherever they happened to be, a trend that was happening even prior to COVID, and is likely to continue after it ends.

Wandera, which is based in London, was founded in 2012 by brothers Roy and Eldar Tuvey, who had previously co-founded another security startup called ScanSafe. Cisco acquired that company, which helped protect web gateways as a service, for $183 million back in 2009. The brothers raised over $53 million along the way for Wandera. Investors included Bessemer Venture Partners, 83North and Sapphire Ventures.

Sapphire co-founder and managing director Andreas Weiskam had this to say about the company: “I’ve had the pleasure of working with co-founders (and brothers) Eldar Tuvey and Roy Tuvey for the last several years now and I can honestly say they’re great entrepreneurs and leaders, having built a real company of consequence.”

He added, “They’ve created a unique security product which addresses mobile threats by leveraging the increasingly important zero trust network. By joining the Jamf family, the two will help shape the future of the zero trust cloud. And it goes without saying that this is a big win for the customers, especially for those in the Apple ecosystem.”

Under the terms of the deal, Jamf is paying Wandera $350 million in cash, then paying them two $25 million payments on October 1, 2021 and December 15, 2021. The deal is expected to close in the third quarter, assuming it passes regulatory scrutiny.

 

Jan
26
2021
--

Google’s BeyondCorp Enterprise security platform is now generally available

Google today announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with integrated threat and data protection.”

Over the course of the last few years, Google — and especially its Cloud unit — has evangelized the zero trust model and built a large partner network around this idea. Those partners include the likes of Check Point, Citrix, CrowdStrike, Symantec and VMWare.

As part of BeyondCorp Enterprise, businesses get an end-to-end zero trust solution that includes everything from DDoS protection and phishing-resistant authentication, to the new security features in the Chrome browser and the core continuous authorization features that protect every interaction between users and resources protected by BeyondCorp.

“The rapid move to the cloud and remote work are creating dynamic work environments that promise to drive new levels of productivity and innovation. But they have also opened the door to a host of new security concerns and sparked a significant increase in cyberattacks,” said Fermin Serna, chief information security officer at Citrix. “To defend against them, enterprises must take an intelligent approach to workspace security that protects employees without getting in the way of their experience following the zero trust model.”

May
21
2020
--

6 CISOs share their game plans for a post-pandemic world

Like all business leaders, chief information security officers (CISOs) have shifted their roles quickly and dramatically during the COVID-19 pandemic, but many have had to fight fires they never expected.

Most importantly, they’ve had to ensure corporate networks remain secure even with 100% of employees suddenly working from home. Controllers are moving millions between corporate accounts from their living rooms, HR managers are sharing employees’ personal information from their kitchen tables and tens of millions of workers are accessing company data using personal laptops and phones.

This unprecedented situation reveals once and for all that security is not only about preventing breaches, but also about ensuring fundamental business continuity.

While it might take time, everyone agrees the pandemic will end. But how will the cybersecurity sector look in a post-COVID-19 world? What type of software will CISOs want to buy in the near future, and two years down the road?

To find out, I asked six of the world’s leading CISOs to share their experiences during the pandemic and their plans for the future, providing insights on how cybersecurity companies should develop and market their solutions to emerge stronger:

The security sector will experience challenges, but also opportunities

The good news is, many CISOs believe that cybersecurity will weather the economic storm better than other enterprise software sectors. That’s because security has become even more top of mind during the pandemic; with the vast majority of corporate employees now working remotely, a secure network has never been more paramount, said Rinki Sethi, CISO at Rubrik. “Many security teams are now focused on ensuring they have controls in place for a completely remote workforce, so endpoint and network security, as well as identity and access management, are more important than ever,” said Sethi. “Additionally, business continuity and disaster recovery planning are critical right now — the ability to respond to a security incident and have a robust plan to recover from it is top priority for most security teams, and will continue to be for a long time.”

That’s not to say all security companies will necessarily thrive during this current economic crisis. Adrian Ludwig, CISO at Atlassian, notes that an overall decline in IT budgets will impact security spending. But the silver lining is that some companies will be acquired. “I expect we will see consolidation in the cybersecurity markets, and that most new investments by IT departments will be in basic infrastructure to facilitate work-from-home,” said Ludwig. “Less well-capitalized cybersecurity companies may want to begin thinking about potential exit opportunities sooner rather than later.”

Apr
10
2019
--

Google Cloud unveils new identity tools based on Zero Trust framework

Google Cloud announced some new identity tools today at Google Cloud Next designed to simplify identity Access Management within the context of the BeyondCorp Zero Trust security model.

Zero Trust, as the name implies, means you have to assume you can’t trust anyone using your network. In the days before the cloud, you could set up a firewall and with some reasonable degree of certainty assume people inside had permission to be there. The cloud changed that, and Zero Trust was born to help provide a more modern security posture that took that into account.

The company wants to make it easier for developers to build identity into applications without a lot of heavy lifting. It sees identity as more than a way to access applications, but as an integral part of the security layer, especially in the context of the BeyondCorp approach. If you know who the person is, and can understand the context of how they are interacting with you, that can give strong clues as to whether the person is who they actually say they are.

This is about more than protecting your applications, it’s about making sure that your entire system from your virtual machine to your APIs are all similarly protected. “Over the past few months, we added context-aware access capabilities in Beta to C?loud Identity-Aware Proxy ?(IAP) and V?PC Service Controls ?to help protect web apps, VMs and Google Cloud Platform (GCP) APIs. Today, we are making these capabilities generally available in Cloud IAP, as well as extending them in Beta to C?loud Identity? to help you protect access to G Suite apps,” the company wrote in an introductory blog post.

Diagram: Google

This context-aware access layer protects all of these areas across the cloud. “Context-aware access allows you to define and enforce granular access to apps and infrastructure based on a user’s identity and the context of their request. This can help increase your organization’s security posture while giving users an easy way to more securely access apps or infrastructure resources, from virtually any device, anywhere,” the company wrote.

The G Suite protection is in beta, but the rest is generally available starting today.

Powered by WordPress | Theme: Aeros 2.0 by TheBuckmaker.com