Bromium looks to tackle client security with forthcoming launch

Crosby: Empowering the end user
Crosby: Empowering the end user

The end user is the target. Bromium's Simon Crosby gives some insight as to what to expect from the start-up

Client computing is the battleground for securing the enterprise. That’s according to Simon Crosby, a former Citrix CTO and XenSource founder, who last year left Citrix to help set up Bromium.

He pointed that the server market is a mighty crowded one : “the servers are very much in the hands of the VMware” so Bromium is set to make a play for the end user space, particularly as that’s where the majority of attacks occur. “The green field is the client – there is no end user virtualisation security so that that’s where we’ll go.

The battleground is going to be within the virtualisation software as that’s an easier place to work. “Xen has 100,000 lines of code, not the 16 million lines of code that Windows has,” said Crosby.

But, he added, that there were some challenges thrown up by targeting end user devices. “We tend as humans to task switch, we have a device and will use that single device to play games, send emails etc -  the device itself  is unable to distinguish between them. Virtualisation has the opportunity to change that.”

According to Crosby, end users have suffered from over-zealous IT managers who have been stifling creativity. “Only two industries call customers ‘users’: drug dealers and IT.” He said that such contempt will be overcome and consumers will end up winners.

He said that traditionally enterprises had tried to exert too much control over end users. “From the earliest days of humanity, people had to go out to hunt, initially for food, now it’s for data.  To be productive they had to compete in bad areas. ”Crosby added that traditional techniques had not been adequate: “Blacklisting has had its day; whitelisting doesn’t empower enough - you have to be in that grey area.”

But virtualisation for desktops has not gone down well and Crosby accepts that this is a challenge. “End users do not love virtual desktops and vendors are fighting a losing battle. Unless the technology we use charms the end user, we aren’t going to win that battle.”  When pressed whether Bromium would be able to charm end users, he said it would. “Bromium’s whole play is founded on the notion that we can empower the end user on what we need to do.”

Crosby will not go into much detail about the Bromium technology, save only to say that the security is going to be at the virtualisation level and that the technology is not only applicable to client computing. “Everything we do is equally applicable to the server side – but the market penetration is harder.”

This has implications for cloud computing; Crosby is a firm believer in the notion that public cloud is a secure platform. “From a security point of view, the question is, how far can you trust public cloud?”  He said that cloud offered many advantages. “Amazon will build a more secure system than anyone else. Last year it had its first vulnerability in five years and fixed it quickly. The second point is that highly automated systems are designed to be more difficult to crack.”

He added that even though public cloud had strong elements of security built in, there was still more that could be done. “AES-NI – Intel chipset level for encryption was launched about 18 months ago – there’s little excuse for not using it. As data leaves the virtual machine, data can be encrypted so if  anyone breaks into the datacentre, they just steal a bag of binary bits.”

Bromium is set to launch at the end of the first quarter, Crosby said that there will be different routes to market and the company was already in conversation with different partners.

Read more about:

Sign up for our free newsletter