View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 23, 2011

“We see SaaS as the future”: Q&A with Neil Hollister CEO of CRYPTOCard

Jason Stamper talks to authentication and managed security vendor CRYPTOCard about the latest trends including 'passwords as a service'

By Jason Stamper

Neil Hollister CEO CRYPTOCard

Are you starting to see the green shoots of recovery among your customers?
Yes, we saw strong sales throughout 2010. Even within the local government sector, where we have a considerable share, we have seen continued investment in security despite severe budget pressure.

How did you become interested in authentication and managed security?
I only became involved in IT security when we completed the management buyout of CRYPTOCard. I then quickly became interested in password security, and I realised the value of taking authentication to the mass market through the SaaS (Software as a Service) model.

Many IT teams are aware passwords can be a weak link in their security infrastructure. So why hasn’t every firm already implemented stronger authentication?
In the past it has been too complicated and too costly, but we have a plan to change that. First you have to ask why it’s complicated and costly. The in-house, back-end authentication server: if that goes down, nobody can do any work, so it needs managing. Then there is the cost and complexity of buying and administering tokens.

So if you want to do this stuff but don’t want cost and complexity, how do you do it? What if you don’t have to install anything? We offer a managed service that does all the back-end authentication, and integrates with what you need to integrate with in your environment – Active Directory for instance. Then the tokens we can do as iPhone tokens, or SMS tokens, or you can go tokenless, then you effectively rent it all. We’re making strong authentication easy.

How is your firm championing the need to secure cloud environments adequately?
Passwords have always been one of the weakest points for network security, and with the migration to the cloud, this has never been truer.

Content from our partners
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer

Last year, CRYPTOCard’s survey revealed there is a growing appetite to move to cloud-based services, with over 48% of those surveyed saying they either already used cloud services within their IT infrastructure or were planning to apply them within six months. At the same time, two-thirds of companies surveyed had not considered evaluating and mitigating network security, application security or access control for these cloud environments.

Whilst many organisations have good security policies in place, we have witnessed instances where these have been ignored or bypassed as business managers have acquired cloud applications directly.

So cloud security is the big focus today?
For companies building a portfolio of cloud, the biggest vulnerability is not where the data is stored – 99% of attackers are hitting cloud applications at log-on, finding ways of breaking the password or pretending to be a legitimate user somehow.

We see SaaS as the future for CRYPTOCard, and have invested heavily in our CRYPTOMAS managed service. Our aim is to provide service providers and systems integrators with a SaaS-based two-factor authentication solution they can easily and cost-effectively take to market to customers. We have had considerable success following the signing of HP and Virgin Media and we are looking to expand outside the UK.

We are also seeing increasing need for our solutions within military and defence requirements. For example, we are becoming an associate partner at Niteworks, an MOD/ industry collaboration that advises on applying enterprise technology to the military environment.

There’s an awful lot of hype around cloud today. Is there a risk of your message being lost in the ‘noise’?
We were one or two years early with our cloud vision, I think we recognise that. But it’s absolutely the right message now. We’re going from hearing people saying ‘that’s a nice idea’ to ‘that’s interesting’ to ‘I want to do that’. We think there is also a new wave of interest thanks to the soft token and tokenless technologies.

We’re also seeing interest growing for our grid-based authentication: this is where users are presented a different grid of characters and pick out their ‘token’ based on their own unique pattern that applies to that grid.

What is CRYPTOCard’s message to CISOs/CIOs for 2011?
Don’t forget that passwords in securing digital identities are still the weakest link in your network – particularly with the rise in cloud platforms and technology.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU