Awhile ago I wrote a about Dome9's security offering and was skeptical about its long-term opportunity. As I saw it, offering an add-on security product to a platform as voracious as Amazon Web Services (AWS) was a recipe for disruption. AWS has a history of intense innovation, and often ecosystem partners have been steamrolled by that process. As I saw it, Dome9 filled a short-term opportunity that would soon be fulfilled by AWS.
But then Dome9 challenged me on my view and invited me to chat with one of its customers. I spent some time talking with Rich Sutton, vice president of engineering at Nexgate, which is now a division of Proofpoint. Proofpoint is a big AWS user and utilizes a number of its services. As such, it was a natural enough to think that were AWS to roll out the sort of advanced identity management features that Dome 9 offers, Proofpoint would be quick to take them up.
Double assurance valuable
Not so, said Sutton, who explained to me that access to Proofpoint's AWS environment is access to the entire business. As such, Proofpoint takes its identity management very seriously, and having an extra layer of security was valuable to them.
To that I replied, naturally enough, that were AWS to offer that secondary level of protection, surely that would meet Proofpoint's needs. That simplistic viewpoint is, in fact, is not the case. Sutton sees Dome9 as a third-party provider that assures their AWS infrastructure is doubly secure.
I dug into that a little, and Sutton explained that privileges to Dome9 cannot be used for anything that is destructive. Proofpoint gives Dome9 credentials that give access but not the ability to destroy AWS infrastructure. For a $2 billion company with 1,500 employees across the globe, that is an important trait. This is especially the case for Proofpoint, which despite being in business since 2002, has inherited much of its AWS footprint by acquiring smaller companies. Given this fact, Proofpoint sees Dome9 as a particularly valuable offering that covers its heterogeneous environment.
This complexity is also something of a cause for concern for Proofpoint, which is looking to streamline its AWS footprint. Sutton has no qualms about suggesting that, given the recent Gartner Magic Quadrant results, AWS is so far in front of the competition that it may as well be called the winner in the public cloud war. As such, Proofpoint is happy to commit to AWS across all of its business and focus not on comparing different public cloud vendors but rather look at tools that allow the company to streamline both the processes and the cost of its AWS footprint.
As such, the company uses a number of third-party tools for access management, cost management, encryption and the like. Its encryption choices demonstrate a similar strategy to its access management ones. As a player in a regulated industry, encryption is critical and it wants encryption that is both deep and comes with the certainty of being independent of the platform of choice—in this case AWS.
Sutton likened the situation to that of Symantec, which still has a strong security presence within enterprises that leverage Microsoft technologies despite Microsoft offering many similar products. As Sutton sees it, AWS will build or buy some things but that doesn't necessarily remove the third-party opportunity.
It just goes to show—ecosystems are complex things, and things are not always as simple as they first seem.
This article is published as part of the IDG Contributor Network. Want to Join?