B&C: Hi Sergio, first of all, thank you for this interview. Can you explain to our readers what your position and roles are at GFI Software?
SG: I am general manager of GFI’s Infrastructure business unit. My main role is that of providing direction to various teams that make up our unit, enabling them to function effectively and contribute towards the company’s targets and goals. More importantly, my role is to ensure that we are giving our customers and partners the quality products they need, and at a price that is within their budget.
B&C: GFI Software was founded in 1992, so we can say that it's a senior IT company, but unfortunately it's not well-known like Norton, Kaspersky or AVG by users. Which are the main fields where GFI does business? Which are the main products of GFI?
SG: GFI was never a ‘pure’ AV vendor. Our main focus is to provide SMBs with a range of technologies to address their daily IT needs. Rather than restrict our reach to one product type, we have developed internally, or through acquisition, products that cover security, communication, collaboration and network management in SMBs. Our product portfolio can be divided into two areas: on-premise and cloud-based. Our main on-premise products are GFI LanGuard, GFI WebMonitor, GFI FaxMaker, GFI EndPointSecurity, GFI MailEssentials, GFI EventsManager and GFI MailArchiver. Our cloud-based products are GFI Cloud, GFI FaxMaker Online and GFI MailEssentials Online. Another business unit, GFI MAX, caters for managed service providers (MSPs).
B&C : The Cloud Computing is a main topic today. The companies are advertising their own product a lot, and the Cloud Computing seems to be a good revolution. But, anyway, some companies dislike the Cloud Computing. Tamás Miklós, Lead Developer of AIDA64, told us: “Our business users do not really want to put their sensitive hardware and software data into other people's hands. And the more and more dirty secrets unveiled by various agencies collecting data that are travelling on the internet will just make companies even more cautious about managing network audits. Most businesses simply want to set up a SQL server in-house, collect the data in a SQL database there, and analyze the results by a network administrator or a manager”. We see that GFI offers a lot of Cloud services: what do you think about Cloud Computing? It's an opportunity or a risk?
SG: Cloud computing has matured over the past few years and more businesses are seeing the benefits – lower hardware costs, a subscription-based model and easier management of the technology, among others. What is happening, however, is that the growth of cloud computing is regionalized rather than globalized. What I mean is that certain companies in regions like Eastern Europe for example, still believe in having data stored and managed in their office and not a thousand kilometres away, in a data warehouse, run by people they will probably never meet and know so little about. They are still worried about the security of their data and who can see it. They understand the technology but they are not yet totally ready for that big step. Until those fears are gone, on-premise software will remain their primary need. In Western Europe and the US, security concerns are of lesser importance overall. Why? Because data center management has improved enormously and service agreements guarantee a level of service that no small business can dream of achieving. On the other hand, however, recent events have somewhat shaken people’s confidence, not because the data centers had issues, but because it became clear that government snooping was way more widespread than many thought it was. That reignited fears that a company’s data in a remote location (not their office) can be sniffed at, analyzed and what not, without them their consent. Miklos’ comment reflects the reaction many companies had to the news.
In my opinion, there is a middle ground and companies can benefit from Cloud computing without having to worry that strangers could be looking at their data (or worse, taking it). How does cloud help? Rather than installing software on a machine in the office (an additional expense), a company can use a cloud-based service and pay for the functionality that they need. Some companies may opt for a hybrid approach, keep their data on premise but use a cloud service to manage or secure their servers, for example. Some companies will simply not want to part with any data at all and will continue to maintain all the data on premise, securely locked away.
B&C: Today Vipre is not part of GFI professional offer. A lot of expert has asserted that the malware make anti-virus software totally useless. Also, Norton has claimed that anti-virus software is dead, too. What do you think about it? Is it the true, or GFI has a different point of view? Has GFI dropped Vipre support due to these reasons?
SG: That was a very interesting comment. I don’t believe that antivirus, as a technology, is dead. It remains a crucial element in many a product, including GFI’s. What had led to its ‘death’ is most likely a decline in revenues from what for many years was a very profitable business.
What is certainly true of antivirus is that it should not be the only security measure adopted by the IT department. There is much more to network security than stopping malware. There are advanced persistent threats (APTs), phishing attacks, Dynamic Denial of Service (DDoS) attacks, exploit packages that can be bought and used by anyone with a good technical background, zero-day vulnerabilities and many others. The security world has changed a lot since AV first became a must-have on computers. Today, security is complex, ever-changing and attacked by well-resourced expert hackers and cybercriminals. And that means no company can (or should) rely solely on AV. Today, you need more than one technology to keep the bad guys at bay.
With regards to VIPRE, the company became an independent entity last year, enabling it to focus on its core activities, antivirus and advanced malware detection technologies like sandboxing.
B&C: The Network Audit function today is a valued feature by the SysAdmins, so much so that nowadays AIDA64 suite has a specific version for this task (AIDA64 Network Audit). We can see that GFI offers a service called “GFI LanGuard now”. Can you describe us its features? Who are the main customers of this product? What are the main advantages of this solution for the SysAdmins?
SG: GFI LanGuard is a great tool for sys administrators. It is estimated that the majority of malware attacks are the result of software that is not upgraded with the latest security patches. And I’m not talking about the operating system alone, but every piece of software running. GFI LanGuard enables sys admins to automate and manage three pillars of security.
The first is patch management. GFI LanGuard scans and detects network vulnerabilities before they are exposed, reducing the time required to patch machines on your network. GFI LanGuard patches Microsoft ®, Mac® OS X®, Linux® and more than 60 third-party applications, and deploys both security and non-security patches.
The second is vulnerability assessment. With GFI LanGuard more than 50,000 vulnerability assessments are carried out across the network, including virtual environments, mobile and network devices. GFI LanGuard scans the operating systems, virtual environments and installed applications through vulnerability check databases such as OVAL and SANS Top 20. GFI LanGuard enables the sys admin to analyze the state of network security, identify risks to the network, determine its degree of exposure, and address how to take action before it is compromised.
The third pillar is network auditing. GFI LanGuard provides a detailed analysis of the state of your network. This includes applications or default configurations posing a security risk. GFI LanGuard provides admins with a complete picture of installed applications; hardware on the network; mobile devices that connect to the Exchange servers; the state of security applications (antivirus, anti-spam, firewalls, etc.); open ports; and any existing shares and services running on your machines.
Admins can also use GFI LanGuard to maintain a compliant network, control change management on the network, create detailed inventories of all network assets and finally, for management, reduce the total cost of ownership by doing all the above using one product and one dashboard.
B&C: Microsoft's support for Windows XP ends this year. The companies that use Windows XP have two picks: upgrade to Windows 7/8 or buy a better 360° protection suite (like Languard, Webmonitor and Mailarchiver). Do you think that it's a good opportunity for GFI? What do you suggest usually to your clients?
SG: The choice is to either upgrade or take the PC off the network and as far away from an internet connection as possible. If the PC is running some legacy software and no internet connectivity is required, upgrading may not be necessary (an upgrade could cause more harm than good if the software was designed to run on XP alone). However, any XP machines that are on the network and can access the internet are a big risk now that Microsoft no longer supports the OS. These machines need to be identified and upgraded. That is the first step.
The second step is securing the network. This requires a multi-layered approach. By multi-layered we mean different security technologies that address problems at different levels of the network. Your basic security product would be antivirus. Then you would look at patch management and vulnerability management. The majority of companies use email, therefore you need email filtering to protect your email infrastructure and the overall network from malware and phishing attacks. The next level up is web filtering and web security. While antivirus is important, it is often better to stop something suspicious BEFORE it enters the network and not when it reaches a user’s machine. Filtering all online content and blocking certain file types will complement the work of the antivirus product.
Another layer that companies often ignore is network monitoring. If you know of potential problems before they arise, then an IT admin will be better positioned to proactively do something about it. Each layer of in the security plan creates a protective layer around the network and even if one layer fails, there are others in place to stop the threat. There are too many threat vectors today to put all your faith in the security built into the OS or a basic AV product. That is a recipe for disaster.
B&C: In the description of GFI MailArchiver it's written: “Secure archiving for compliance. Minimize legal risk. Archive emails and documents in their original state – in a central, tamper-proof store – to help with compliance, e-discovery and internal investigations”. What does “Minimize legal risk” mean?
SG : Every action on a network has a consequence and poses a risk. In some instances, problems are dealt with internally and that risk is contained and managed. At other times, for example, when a security breach occurs (Target in the US, or recently eBay), the risk becomes more complex and the company may also face the threat of legal action by consumers or the authorities (especially if compliance regulations are not met).
By minimizing legal risk you are reducing the possibility that the actions of individuals or a group of individuals will cause legal problems for the company. Let me give you an example. An employee visits a website and downloads a file that is infected with malware. That malware spreads throughout the network and important customer data is leaked. That is a serious security breach for the company and customers can take the company to court for compensation. The legal risk in this case is very high. Now, if the company had used web filtering software, for example, that file infected with malware would have been blocked and the risk of a breach averted. By using filtering software, the company minimized its legal risk considerably. That is what our security products do.
B&C: You have a good catalog of GNU/Linux and OSX software, but GNU/Linux distros usually have their own control programs: why do GNU/Linux SysAdmins have to buy your software?
SG: In many companies, their IT infrastructure is a mix of Microsoft, Linux and Apple technologies – each OS or platform providing the right balance of technologies that they need. That is why we cater for a wide range of OSs, including GNU/Linux. Our main aim is to help IT admins secure, monitor and manage their network effectively and with minimal administrative overhead. GFI LanGuard enables IT admins to scan, identify and fix any vulnerabilities across all platforms from a single pane of glass. Rather than having multiple control programs, we offer a single dashboard. That is one reason why GNU/ Linux sysadmins buy our software. Our products are cost-effective, built with the IT admin in mind and designed to give them what they need, without bloating the product with features that they will not use.
B&C: Thank you Sergio, it was an absolute pleasure!