Vidder’s Junaid Islam Explains How its Software Defined Perimeter Prevents Malicious Attacks
Hackers are no longer limited in what they can accomplish. The world has transformed from an in-office corporate structure to a flexible environment that allows individuals to work for companies that are thousands of miles away. This is great for enterprises and for employees, but it has opened the door to new vulnerabilities.
“This is really challenging the existing security model,” said Junaid Islam, founder and CTO of Vidder. “One of the downsides of this new business environment is more cyber attacks. It’s so easy for hackers to get to you because there are so many ways to do it. They could go right after an employee working at home, using a home PC. They could go after a contractor.”
Vidder wanted to create a new security architecture that addressed the problems brought on by the evolving business world.
“Traditionally, security really came in the form of boxes,” said Islam, who spoke to Richard Stiennon at the 2016 RSA Conference in San Francisco. “You used to buy a box that did some security function. That was great when all your computers were in a single place and you could use a box to protect them. But now your assets are everywhere. You might have, still, applications in your datacenter. But you might have something in a cloud, so we developed a security solution based on a new concept called a Software Defined Perimeter.”
Software Defined Perimeter (SDP) allows enterprises to protect their assets wherever they are: in a datacenter, in the cloud, etc.
“We allow you as a company to have a consistent level of security across all of your assets…by having a set of checks that are performed for everybody,” he said. “The key is we do it super fast. When you want to sign in as a user, the first thing we do is check your device and see if your device is known by us. If it’s known, then you go to the next step.”
Then Vidder asks the user to sign in to see if his or her credentials are correct.
“The next thing we do is figure out what you are supposed to do in the company,” Islam continued. “Are you an executive? Are you a contractor? And then the final step is we create access for you. We use the term ‘precision access.’ This very simple mechanism is actually quite powerful. Instead of hackers being able to pretend to be you and access everything, the worst-case scenario is the hacker can only see what you can see.”
As a result, Islam said that Vidder “really changes the threat landscape by many orders of magnitude.”