Honestly I have been chasing Senthil for doing this podcast, it’s been a scream for him swamped with client meetings, attending conferences, and hosting webinars., Finally I got time to do it today, and I sat down with Senthil at his main US office in San Ramon, CA to get his views on the IT industry security readiness, market trends, and how he is navigating Sennovate for the future.
Below we are sharing an abstract of the interview version of my conversation with Senthil.
- Tell me how you build Sennovate, and you can share this interesting journey?
Absolutely. Sennovate has been existing 10 years now, as a company we started in the infrastructure and application services mostly on the administration side, .and we gained lot of expertise in enterprise apps, building on prem, security and identity access type of things besides, we also managed ERP applications database and slowly we transitioned to the cloud platforms and with the advent of AWS platform, we also managed AWS platforms, and various other cloud solutions.
Last 3-4 years we leveraged all our enterprise and integration experience and cloud platform cloud application experience enhance into security integration basically supporting the business applications., so we are focusing taking IAM solution from SSO, MFA privilege access management and we want to drive all these to manage SOC as a service that is our vision.
- What are the emerging trends for cyber security in the coming years
Pretty interesting question. Everyday new trend is emerging that is the beauty of the whole thing. With advent of cloud and cloud products many people have new ideas they come up with a new product, so emerging trends is going to be supporting IOT devices and cognitive devices, or self driving cars and how do you manage identities, and no passwords, basically using retina scan facial recognition, finger printing and how you can deliver that as a service so that way identity is managed in one place, and access is done, this is coming up.
Overall in an enterprise spectrum if you look at, so many technologies are coming. People are buying so many products, but are they really secure? If you don’t really look at the product what alerts/logs they are generating, that is why so many ATM products , lot of orchestration product are available, security orchestration automation and respond is going to be the future, so they try to gather all those logs and alerts together in single place and using AI and ML capabilities, people call it AI ops as well and see the RCA as a single vision of alerts, and how it is behaving, in each every department and how you take some driven take action driven through AI and ML through self learning or sometimes need human attention, that is emerging in few years.
- With more business happening on the cloud, how do you see the market for IAM vendors
It’s the Cloud which is inevitable. For the past ten years, I heard that cloud will die even in my enterprise world. But nowadays cloud is de-facto standard, that applies to any cloud or any IAM vendors. Critical SIM applications like FortiSIEM also provide full cloud capability they deliver product as a service. Its interesting going to evolve and lot of innovation will happen but will through the cloud.
- Your thoughts on AI and ML playing a part in the IAM space – you see some integration happening
With current technology framework it makes it easier to embrace any new technology comes in, when we are talking about AI ML. Any technology comes in has to support the enterprise, businesses and protect business asset and intellectual property. Any technology comes how do you leverage support the business more to be more be efficient and more secure for the benefit of humankind. It will continue to evolve like that in future as well.
- Any preparedness from vendor side or do products exist or yet to deploy
Current modern vendors are really ahead of the curve, most companies are embracing AI, ML and making AI part of their framework that is the only way to be competitive advantage. Even our partners FortiSIEM, Okta and many companies are already working on how AI/ML minimise human errors and at the same time automate with AI capabilities protecting in the night while we are sleeping, and all growing companies are embracing for sure.
- As an industry expert and following the IT security space obviously there might be some best practices for IAM
Best practices are nothing but implementing the process with utmost efficiency and in a secure manner to provide the best RoI for the customer, so whatever we provide is best practice. Best practice norm came from olden days applications of Oracle, IBM they had large application footprint.
Nowadays, smaller applications, multiple applications together protect the enterprise level application. In a broader perspective, following all aspects of the application like Deployment, IAM, SSO, MFA, PAM is what a best practice is. That is why we have DevOps, DevSeCOps which fits into one single image in the process and fix it once and carry through the life cycle. Even ProdOps in the product company they follow the same process so that the product is robust and properly built where once we fix it, the same issues isn’t repeated. That’s the role of DevSecOps which embraces all the best practices together.
- Your thoughts on how businesses should embrace IAM, and how organizations maintain a good security posture
Yup Absolutely. IAM is used to be complex, implementation is a huge project, multiyear multi-million-dollar project which is all history now. Because these days IAM is de-facto standard has to be there in every single organization.
Nowadays with the modern cloud platform, companies provide iDaaS identity as a service. It hardly takes 10 to 15 minutes for each application to kick start and run.
Every organization should stay ahead of the global competition. To meet customer expectations, building credibility for the customer is more important. So, If you are having an environment which is secure and protecting your customer assets, then you are in the game.
With global competition, global access and global threat you need to show credibility to build the customer confidence. They have to at least have the of basics of IAM to get started and to stay and gain customer confidence
Thanks, Senthil for your thoughts, and most of us have a lot to learn from this podcast.