Amrit Williams, BigFix CTO and Tom Murphy of Bit9 discuss the future of application control as new technologies like cloud computing and virtualization permeate the marketplace.

Subscribe in iTunes:

Subscribe with XML:

FULL TRANSCRIPT

Amrit Williams: Welcome! This is Amrit Williams, your host on Beyond the Perimeter. Today I am joined by Tom Murphy. Tom Murphy is CMO, Chief Marketing Officer, with Bit9. Tom, thanks for joining me today.

I want to shift gears just a little bit Tom and ask you, what is the future of application control? We have got a lot of technologies coming on the horizon; Cloud Computing, virtualization, people are looking for, I am going to work at Starbucks with a device that may or may not actually be a physical instantiation of an OS being streamed to me from someplace else, and I am going to access an application from a third party. How do organizations, how will they look at implementing application control technologies or other controls in a world where they don’t own the assets, and they don’t own the computing paradigm, and they don’t even own the application itself?

Tom Murphy: Well, what we are hearing more and more about is the introduction of virtualization to help have a personal computer; by definition, it’s labeled a personal computer, where someone actually may have that computer for two different uses. Let’s use, home use, for example, and then obviously the business operations.

More and more we are hearing the concept of virtualization to segment a physical machine into two different use cases, where they take the machine home and they are working out of one virtual space, and then they come to work, and they work out of another, and they keep the — the physical machine is the same obviously, but the distinction is made at the virtual layer as to what they do in each one of those layers, and they segment the responsibility.

So what we are hearing a lot about is that, companies want to embrace the use of the same equipment, and make it easier for someone to leverage information from home and take that same machine in. So what we are finding is that they want to have the controls on the established virtual environment, where they are going to be using it for work related, where they are touching information that’s critical to the security of the organization, at the same time, that same machine can go home and they can post stuff on Facebook, they can do Instant Messenger, they can do all the things they want to do.

So what we hear a lot from companies is virtualization on the endpoint, segmentation of responsibilities into buckets. The two most common buckets are, one virtualized environment for corporate environment, and a second ultimately for the home use or the nonbusiness related activities for the end user.

Amrit Williams: So in terms of the future of application control, one of the things we are seeing, as you mentioned in an earlier segment, is Microsoft providing AppLocker and some basic application control functionality in the OS. You have other vendors providing things like file reputation services. Do you think that the commoditization of those functions, either as part of the OS or as part of adjacent technologies, naturally impacts applications’ controls adoption, or that it accelerates adoption, and it’s good for companies that are able to offer broader sets of capabilities like Bit9 does?

Tom Murphy: I think for sure. Actually, it heightens the awareness of the need, number one. And then what it also does is it starts to build out a requirements list for what does it take to do whitelisting.

Now, the thing that I always think is interesting is that, when we look at Windows 7, and we look at what I would say — AppLocker really to me is an advanced set of software restriction policies, and through policy object you — it’s a combination of those technologies, but it’s just an evolution of what existed in the Operating System prior.

Gartner recently did a research note on — when Windows 7 came out and AppLocker and the functionality, and it almost — again, it heightens the awareness of what needs to happen, but in the same note, Gartner highlights the fact that it falls short of some of the real requirements that are needed to ensure you can deliver whitelisting and app control on the endpoint. Those really refer right back to our initial discussion, which is, you have to be able to ensure legitimate software can make its way to the endpoint.

For example, we talked about leveraging Bit9 to watch BigFix’s software distribution, Microsoft currently cannot look at its own SCCM or SMS products to ensure that, that software is automatically whitelisted when it gets to the endpoint. So simple fundamental technology that — integration point — like you said, tuning the whitelist, that simplifies the tuning of the whitelist, and we have to ensure that — we know that, that has to be there in order for a whitelisting product to be adopted.

Amrit Williams: You mentioned something, I think, when I asked about the unnatural commoditization, what I meant to — how I wanted to phrase that was, do you think the commoditization of only some aspects of application control, like software restriction as you mentioned it, somehow impacts people’s understanding of how application control could really provide benefit to the organization? It puts a lot of burden on you guys to express it, no, Application control is not simply software restriction, it does all these other things. I was curious if you thought that was unnatural in the market or was forcing some conversations that may not have had to occur.

Tom Murphy: I do think that whenever a company or organization like Microsoft makes a statement about whitelisting a app control, that people will take on that perspective, and then they evolve from it. So I do think that it’s up to Bit9 to continue to evangelize the depth and the requirements. But I do think that for most customers, if they don’t look at Windows 7 and the functionality of AppLocker, they are doing themselves a disservice, because that is something that Microsoft is offering, and like other products that Microsoft offers, whether it’s software distribution, we know that they should look at those products, by default.

Eventually what happens is, whether it’s the software distribution moving to BigFix, or it’s application locker and application control moving to Bit9, they have to make the assessment as to whether or not the functionality meets their requirements, and we know in many cases that it will fall short of what they are trying to accomplish.

Amrit Williams: Yeah. To kind of sum up here Tom, what we have been talking about, application control is broader than just software restrictions. Those looking to do application control need to understand that for it to be effective it needs to be part of the operations teams, as well as the security teams, and you need to look at how software is actually deployed and placed onto an endpoint, not just how you lock down applications from executing.

Do you have any other thoughts you would like to express to the audience in terms of how they can better think about application control or how their deployments maybe seen as more effective?

Tom Murphy: Sure. I think when you are looking at app control and application whitelisting, the first orientation is to think about security and advanced persistent threats and malware. But I think ultimately the message we are trying to deliver is, you have to know what’s on your endpoints. You have to build and maintain a good configuration, and that’s the foundation for establishing a good security posture, is just knowing and understanding what’s on your endpoints.

Then once you have that, you have got the ability to establish and define policies as to what can and cannot run. But without that initial visibility of what’s running, and the knowledge of what it is, the latter, which is good security, will never get there. So good visibility, knowledge of what’s running, and then the policies to enforce what can and cannot run is, I think, what BigFix and actually Bit9 are delivering.

Amrit Williams: I think Bit9’s technology is phenomenal. I recommend that everyone takes a moment to check it out. If you guys are interested in looking at Bit9’s technology, you can find them on the web at Bit9.com and reach out to the team there, and they will provide more information to you guys.

Tom, I really appreciate you joining me today. I hope to have you back on soon.

Tom Murphy: Pleasure! Thanks Amrit.

Announcer: You have just listened to Beyond the Perimeter, sponsored by BigFix Inc. Views expressed on this Podcast are the personal opinions of Podcast participants and do not reflect official positions of their employers or BigFix.

Thanks for listening.