Interview: Paul Martini, CEO, iboss

Written by

The evolution of the cloud is one of the top trends in modern-day cybersecurity, with more and more organizations and services turning to cloud-based architectures as digital transformation continues to gather pace.

Protecting the increasingly large amounts of data moving to and residing in the cloud has therefore become a key priority across the tech industry, and one company that has been built on a focus of securing user internet access on any device, from any location, is iboss.

Since 2003, iboss has dedicated its efforts to providing consistent cloud security that is applied whether users are working within the office, remotely or on the road, and Infosecurity recently spoke to founder and CEO Paul Martini to learn more.

What was the vision for iboss when you founded the company?

iboss was founded with a vision that mobility would drastically change the way people connect to the Internet. We believed mobile phones, laptops and the boom in cloud applications would drive bandwidth up exponentially. Our background is in securing internet access and cloud connectivity. Providing secure internet access in a world where users are not restrained to a fixed network perimeter is drastically different but the need to protect users as they access the cloud is more important than ever. At iboss, we focus on securing internet access on any device, from any location in the cloud. We’ve moved internet security to the cloud where the applications live. This allows organizations to secure users from malware regardless of their location as the security follows the users, not the organization’s perimeter.

What’s the biggest challenge of securing the cloud?

Securing cloud use for users that are bound to an office or fixed network perimeters is a relatively straightforward task, as a ‘castle and moat’ strategy can be used. In this scenario, network security appliances are installed at the network perimeter and all data entering or leaving the four walls of the organization is scanned for malicious or risk content.

However, in today’s environment, users are no longer restrained to the four walls of the organization and can access the cloud from anywhere. The boom of cloud application adoption has also driven bandwidth to new heights. The combination of bandwidth and mobility is the death of the network security appliance. Appliances cannot keep up with the volume of traffic and the amount of equipment is growing exponentially, leading to unreasonable costs in both equipment and labor. In addition, the appliances can only secure users while they work within the organization. Users that work outside the organization must send all their traffic back to the appliances for security which leads to slow speeds and high costs. The cloud demands fast internet connections to be productive and appliances cannot keep up.

Moving security to the cloud allows security to follow the users wherever they go. This means compliance, malware defense and data loss prevention are always applied as users connect to security in the cloud at all times. In addition, since security lives in the cloud, it can scale elastically to provide the capacity needed to process an ever-increasing amount of bandwidth and connectivity.

What are the key security risks of using the cloud?

The cloud is the future – there is no choice as vendors will continue to create SaaS applications rather than ship software CDs or appliances. Securing cloud applications with technology designed to secure physical servers simply doesn’t work. Network security appliances are designed to be installed in a perimeter, yet the perimeter is going away. Cloud applications are designed to be used with fast internet connections yet the faster the connections go, the slower the appliances become. Cloud applications must be protected with cloud security. When approaching security in the appropriate way, cloud application use can be safer than software installed on premises because the vendors take care of patches and upgrades versus typically overstrained employees working for organizations. Improperly secured cloud application use can lead to sensitive data loss, malware infections and breaches as users are always connected to the cloud, continually putting them at risk. With internet security that follows the users wherever they go, secure cloud access can be achieved as policies and security are always in place.

Has the evolution of the cloud outpaced security development in recent years?

The evolution of cloud adoption and cloud applications has outpaced internet security vendors who have not shifted to a cloud-first mentality. The vendors delayed cloud strategy in favor of designing faster internet security appliances.

Going forward, will complex cloud environments make security more complicated, or can the cloud enhance security and help keep data more safe?

As we move forward, cloud applications will shift toward a full SaaS model. This means cloud virtual machines and appliances will diminish in favor of software offered as a complete service. As this trend continues, the need to patch and upgrade will be handled by the vendors themselves leaving organizations to focus on receiving the benefits of the cloud offering. Cloud security will also continue to move to a SaaS-based model. At iboss, we offer internet security in the cloud as a 100% SaaS offering allowing security administrators to focus on policies and security instead of managing appliances.

What’s hot on Infosecurity Magazine?