Connected devices are everywhere and will soon also be implanted in our bodies.
This poses an enormous security challenge. Joe and I discuss the open problems and some partial solutions, including where there are opportunities for new entrepreneurs.
Sramana Mitra: Let’s start by introducing our audience to yourself and to Armis.
Joe Lea: I’m currently Vice President of Product at Armis. I held numerous technical and executive roles throughout my career. Most recently before Armis, I was serving as the Head of Product at a company called Tanium where I built the team and the operating model that spawned a fairly broad portfolio of offerings between the fields of security and systems management.
At the beginning of my career, I attained a PhD in Cognitive Science, which has informed my perspective on technology over the years and led to some early patents that I was awarded with. My passion is around building amazing products and scaling technology companies. I was a fairly early employee at Tanium and that business has built up very significantly over the last four years.
I like to scale companies by surrounding myself with some of the best and brightest minds and talented folks who are relentlessly challenging the status quo. I’m happy to be a part of this article and speak about ideas around new and innovative new cases, scenarios, and challenges within the industry, and what entrepreneurs can do to start to identify those and tackle them. Over the last 24 months, some of the reasons why I jumped over to Armis was the numerous executive level conversations I’ve had with security leaders within large enterprises.
Over that time, I have fielded more and more questions about how to bring visibility and control to all the things that are crossing up in enterprise environments – namely those devices that make up what is commonly referred to as the Internet of Things. Conventional IT is a daunting task. With the proliferation of unmanaged devices, the gaps and visibility are troublesome. At the same time, I’ve been getting more and more of these requests. I’ve directly seen this growing realization among large enterprises.
These devices, both on and off the corporate network, are posing real security threats. I hate to be a fear monger in this space, but I think everyone is starting to understand the potential for mischief among the devices that are coming onto the networks. Nothing is more exciting to a product-minded person than a pervasive problem with an increasingly urgent need for a solution. That’s what led me to Armis.
What makes it more attractive is, until recently, the legacy vendors weren’t paying attention to this space. It was an increasingly pervasive problem that was going unrecognized. Some of that is the laziness of large software vendors where they apply themselves to a particular technical approach in a problem and try to continue to get as much out of the current technical approach that they have, rather than going back to the white board and thinking about how to re-architect and re-approach a problem in a way that solves the problem better.
Discovery and inventory solutions on the market today are simply not delivering on their promises in that space. Most of those solutions rely on antiquated architectures that don’t scale their various network access control solutions that are still cumbersome. They’re rendered ineffective when trying to solve the problem of how to deal with IoT and new devices. There are others out there that naively turn a blind eye to the devices.
Once they’re identified and granted network access, they’re just ignored. Then there’s this swarm of software agents that have been unleashed within enterprises in the name of security and systems management. Those are crippling servers. That approach is completely unviable within the space of the types of devices that we’re talking about.