- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
Page 4 of 5
Start-up Skyhigh Networks wants to tackle some specific security problems associated with business use of cloud services. Mainly, that’s how to spot any “rogue” cloud services that were set up by a corporate employee without the IT department knowing about them and secondly, to identify “high-risk exposure” that cloud use brings to the enterprise.
To do that, Skyhigh in February introduced a service aimed at tracking thousands of cloud services. The basic technique Skyhigh uses is to collect logs from firewalls and perimeter gateways to learn what URL or IP address that an employee is trying to access associated with a cloud service, while also coming up with a “risk score” for it. Cloud services are ranked according to several risk factors that include “is it multi-tenant, can I use an enterprise ID, does it do penetration testing,” said Rajiv Gupta, CEO of the Skyhigh, which he co-founded in 2011 with Sekhar Sarukkai and Kaushik Narayan.
All of the monitoring information collected through the Skyhigh service is batched and sent to a dashboard for review by the IT department. Another aspect of the service seeks to ensure encryption of data. The Skyhigh service has been in use with Torrance Memorial Medical Center, Cisco and data-hosting firm Equinix, among others.
Gupta notes that it’s not unusual to see companies with “more than 200 cloud services, some more than 1,000” these days. The Cupertino, Calif.-based start-up has disclosed it has received $6.7 million in venture-capital funding, with Greylock accounting for $6.5 million of that.
Another start-up debuting in February was Stormpath, with its identity and access-control cloud-based service primarily intended for use by software-development teams that are building web applications.
The cloud service can be used in a variety of ways to provide a ready-made authentication layer and workflow process that developers can turn to for use in programming environments, says Alex Salazar, Stormpath’s CEO. “You don’t have to worry about storing passwords, or groups, or roles for users.”
Salazar founded the San Mateo, Calif.-based company in 2010 with chief technology officer Les Hazlewood. Stormpath’s identity management service competes not only against open-source cloud provider ForgeRock’s Open SSO product but also products from IBM and Oracle.
Stormpath has received $8.2 million in venture funding led by New Enterprise Associates and Pelion Venture Partners, with participation from Flybridge Capital Partners, following an earlier round of about $1.7 million.
Another start-up, vArmour Networks, is taking on the challenge of firewall security in fully virtualized networks, including the emerging area of software-defined networking. Beginning to emerge from stealth mode, vArmour was established in Santa Clara, in January 2011 by CEO Roger Lian and Michael Shieh, field applications engineer. Both have backgrounds working at NetScreen, the firewall vendor acquired by Juniper.
With vArmour, Lian and Hsieh say they’re creating a firewall for fully virtualized network environments, including SDN. “We’re pioneering a new type of software-defined security,” Lian says. Shieh adds that traditional firewalling methods defined by physical appliances “is not sufficient” for SDN or other kinds of fully-virtualized networks.