In 2015, a company called FireHost decided to make an interesting pivot. Its core private cloud business was seeing a lot of success on a global scale. If it ain’t broke, don’t fix it, right? So why the pivot?
Well, FireHost saw the market shifting under its feet as public cloud started to take attention away from its offerings. But instead of fading away, as many companies in a similar situation might have, FireHost looked at what it had to offer and realized it was sitting on a gold mine. That company? Armor Cloud Security.
In this episode of Cloud Talk, podcast host Jeff DeVerter sits down with Ryan Smith, Product Evangelist at Armor Cloud Security, to discuss the massive upheaval that happened in the IT industry once public cloud burst onto the scene, and how the more things changed, the more they stayed the same, at least from Armor’s point of view.
So, about that gold mine they were sitting on…
“When Armor was FireHouse, we had a secure and compliant hosting business,” said Smith. “If you wanted to host your applications in our data centers, you could, and security and compliance would be built in. Then this tiny little thing called the public cloud came into existence and dropped infrastructure prices to commodity level. So, we really had to think strategically about the value we were providing our customers. And we homed in on that security and compliance value proposition. We were keeping our customers safe from the bad people out there while keeping them compliant and in line with financial regulations. Those factors were a big reason why our customers went with us.”
And as we’re all aware, security and compliance are no less important today than it was in 2015.
Armor decided to focus on how it could take its value proposition offering to market, taking into account the dynamics of companies moving into public cloud and multicloud, and all the permutations that come from hybrid models. The key was an internal tool it had that allowed its SOC and compliance teams to deliver security and compliance at scale.
“It’s a security platform that lays down the tools you need based on the environment that you're in,” explained Smith. “So if you're in the public cloud with infrastructure, you're going to need workload protection that sits at the host. That host-based agent is going to protect that workload with a variety of services. Intrusion prevention, to make sure bad guys aren't coming into the network. Vulnerability scanning, to make sure your assets are at risk for compromise. And file integrity monitoring to make sure that permissions for key files aren't changing and exposing you to the latest ransomware threats.”
While these facets in and of themselves are impressive, it’s something else that truly takes its offerings to the next level: its Security Orchestration, Automation and Response (SOAR) tool.
“So not only do we deploy the tools you need based on your use cases, but we also bring all of that back into a security architecture and service as well,” explained Smith. “We correlate all that data we're collecting and make sure we can identify patterns via simulation. That allows us to automatically respond to incidents that get identified out of that simulation with playbooks that we've written in our SOAR tool.”
When Armor combines this with 24x7x265 monitoring at a global SOC, it’s easy to see how Armor was able to pivot and remain relevant.
DeVerter points out, a lot of the problems companies face aren’t technical in nature but related to people or processes. Smith, and Armor, couldn’t agree more.
“That's one thing that really attracted me to Armor as a company initially,” Smith said. “It's something unique in that we look at security as an operations problem, and not just a technology problem. Because if it was just a technology problem, we'd go install the XYZ tool off the shelf and the bad guys would never win. But bad guys win every single day.”
Due to the pace of digital transformation, with technology evolving constantly, it’s a lot to ask for your IT team to stay current on everything, while working remote, on different types of hardware, and in hybrid environments.
“You need a partner that can evolve with you, and not just sell you a mousetrap for the latest rodent infestation,” explained Smith. “You need somebody who looks at security and compliance as an operations problem and realizes that each environment is different. Whether it's email or a server, it’s all going to give you unique telemetry to identify threats to that asset. That’s how you do incident identification, how you write playbooks to respond to those incidents.”
About the Authors
Rackspace Technology Staff - Solve
The Solve team is made up of a curator team, an editorial team and various technology experts as contributors. The curator team: Srini Koushik, CTO, Rackspace Technology Jeff DeVerter, Chief Technology Evangelist, Rackspace Technology The editorial team: Gracie LePere, Program Manager Royce Stewart, Chief Designer Simon Andolina, Design Tim Mann, Design Abi Watson, Design Debbie Talley, Production Manager Chris Barlow, Editor Tim Hennessey Jr., Writer Stuart Wade, Writer Karen Taylor, Writer Meagan Fleming, Social Media Specialist Daniel Gibson, Project ManagerRead more about Rackspace Technology Staff - Solve