If you are considering becoming a 1M/1M premium member and would like to join our mailing list to receive ongoing information, please sign up here.

Subscribe to our Feed

Thought Leaders in Cyber Security: Kris Lahiri, Chief Security Officer, Egnyte (Part 2)

Posted on Tuesday, Aug 20th 2019

Sramana Mitra: I would like you to isolate the different security issues of a content platform and comment on each of them. What are the challenges? How do you differentiate? What are the issues we are dealing with in the current landscape?

Kris Lahiri: I’m going to come at it from a little bit of a deeper technical perspective. Very baseline infrastructure type of issues come up. We look at any content that a customer shares or stores within Egnyte as crown jewels of that company.

Even if a company is making some real hardware or a drug, we still think that all the data that’s involved in that are the crown jewels. That needs to be protected for the company as well as from the platform perspective. As a vendor of that service, we look at that very seriously.

At the infrastructure level, there are a lot of things that we’ve done that may be different. People have now evolved so they may be doing something similar there. All data stored in Egnyte is uniquely encrypted by a customer.

A more traditional, consumer-oriented software probably store things encrypted. They might not have decided to store a unique encryption by each of their millions of users. They could probably save space. We decided against that. We said, “We are only selling to businesses. The chances that two businesses have an identical document may happen, but it’s very rare.” We’ll take on that onus.

The reason I bring this up as a detail is, all of our businesses end up as a unique tenant. Egnyte, from an architecture standpoint, could be described as shared infrastructure, but every customer is a unique tenant.

Hence, whether customer A wants a specific type of encryption standard or customer B needs to have their keys rotated more often, all of these are allowed by the Egnyte platform just because of the way in which we treat each customer uniquely within the platform. That is very foundational infrastructure level aspects of security there.

You go up a layer into the functional aspect of how the Egnyte platform is actually used by customers. There’s a very unique difference there as well. That comes more from the backgrounds of all the four co-founders. Our backgrounds have been, in large scale, IT deployment or large company environments where we’ve just seen that IT would absolutely like and would want to have control over any kind of centralized policy whether it’s data management or email protection.

Based on the types of tools and technology that they have at their disposal, they’ve created an environment that’s impossible to work in. That has resulted in all of this shadow IT that has happened where users are just saying, “I need to get my work done. I’m going to do this in a certain way.” Or they’ve gone down the other path of putting in so many other types of roadblocks and process level that it has frustrated users.

What we took was an angle which says, “Look IT, we will solve your need for centralized control.” Consider a large industry or large company deployment of Egnyte across tens of thousands of users, IT would really want centralization. Identity management solves where they want to keep their users. That helps.

This segment is part 2 in the series : Thought Leaders in Cyber Security: Kris Lahiri, Chief Security Officer, Egnyte
1 2 3 4 5 6

Hacker News
() Comments

Featured Videos