New startup vArmour is joining the mix to solve a persistent data center security problem: How do enterprises keep information safe as file storage increasingly becomes virtual?
There was a time when companies stored sensitive files on specific hardware — that is no longer the case. Cloud technology has made it so that files aren’t stored on one particular hard drive or tower anymore. Instead they move fluidly from server to server. That technology makes data centers more efficient and IT more flexible, but it also compromises security software, which relies on files staying in one place.
“Security likes to be able to lock your stuff in place,” says Jon Oltsik, senior principle analyst at Enterprise Strategy Group.
Security software is designed to know where a given file is and watch it for changes or abnormalities. If a security system knows where all the files are and what all the files are, it can more easily detect malware — or any other file that’s not supposed to be in the system. But with “virtualization,” or the increasing use of virtual computers, a file’s location is more tenuous, and security software has a harder time protecting files and locating intruders.
While data centers employ perimeter security to keep the bad guys out, they’re still getting in — and they know virtualization provides a sort of invisibility cloak once they do. On average, an attacker can live inside a network for 243 days before it’s found, according to research from the Gartner Group.
“Virtualization gives you the ability to move things around, and most companies are securing that capability. But you sacrifice security, or you have to add a lot of manual labor,” says Oltsik. As data centers become more virtual, engineers have to adjust the security settings manually every time a file moves.
Those in network security are highly aware of this gaping hole. Companies like Cisco have been modifying their existing software to plug the gap and are working on new solutions, but the problem is far from solved. Enter vArmour a security company still in stealth that’s building its software from the ground up specifically for virtual environments.
The company’s software will focus on beefing up perimeter security, tailoring it to virtualized centers, and visualizing traffic flows within data centers — so hackers will be easier to spot. Though vArmour is being quiet about the specifics of its technology, it is definitely working with some interesting players.
Dave Stevens and Lane Bess, both former CEOs of security firm Palo Alto Networks, just joined the company’s board as investors, and Derek Smith, CEO of Shape Security, is also an investor. Shape Security was co-founded by ex-Googler Sumit Agarwal and is focused on preventing hacks on enterprises by stopping them at the user interface level (for example, hackers who get into a company’s network through an app). That means the products could be used in tandem.
Currently the company has at least seven angel investors, including the three already mentioned, and raised $6 million in its last round. vArmour plans to come out of stealth this fall.