I’m fond of telling everyone that if you ever find a random feature in a network operating system or security platform that feels very out of place that it’s probably the result of a Fortune 500 company requiring it to be present for a multimillion dollar equipment deal. The power that these companies have in the market is unrivaled. If they want the switch to forward packets and brew coffee from the fiber uplink then some manufacturer will ask if they want regular or decaf.
The people that suffer the most in this environment are the mid-market users. The ones that don’t have millions of dollars in the budget for a security platform. The kind that are forced to get by on whatever they can find. Sometimes that means cobbling together a workable solution from open source technology or old platforms just on the edge of being supported. Other times it means investing heavily in a single solution that does a lot of things poorly because that’s what they could afford.
When you look at how security is handled today, especially for new terms like Extended Detection and Response (XDR), you have to ask yourself if you’re even capable of implementing it. Sure, it would be awesome to have the capabilities to protect against attack and misuse of your customer data. But if you don’t have the budget to installed the numerous boxes that it takes to implement something like this you’re going to be out of luck. Even worse is the mid-market organization that has gone all-in on the cloud and no longer has the shared space to even implement the hardware that they can’t afford.
Exium Dives Into the Middle
Earlier this month I had the opportunity to talk to Farooq Khan, CEO of Exium. You may recall a post from last year that talked about the mobile security aspects of their platform. Now Exium is working on a solution that helps bring affordable XDR to the small and medium enterprise. How can they take something as complicated as XDR and make it work in your average school or hospital?
The secret, according to Khan, is to shift the focus away from the boxes that the traditional vendors are going to try and sell you. Sure, if you buy enough boxes you’ll eventually arrive at a state of XDR nirvana. However the systems themselves don’t deliver XDR to your organization. Instead, it’s the software running on those systems that help you get the job done. Exium has a lot of experience in the software side of securing users.
One thing working in their favor is a new NIST standard for zero trust network architecture (ZTNA). This standard, ratified back in 2020, uses the 5G core network architecture as a way to implement a ZTNA model. After all, what better way to isolate your users and verify their identity than to use the existing way we keep our mobile users separated?
Exium’s Cybermesh platform is designed to address the kinds of modern threats faced by enterprises when trying to keep the bad actors out of the goods. It’s a cloud-based solution that allows organizations to direct data through the system to scan for potential attack vectors and keep users from doing things that could expose the organization, like clicking on phishing emails or visiting questionable sites on company networks. Cybermesh offers SMEs the opportunity to build an XDR practice that doesn’t need massive up-front hardware investment. The pay-as-you-grow model ensures that organizations will use what they need to use and only add more capacity as needed. Rather than buying more hardware than you need today with the worry that you might outgrow it before you refresh again, Exium gives you the ability to elastically grow as your user base grows with you.
For those organizations that need to keep the processing of the security functions on site, such as highly regulated industries, Exium offers an on-prem version of Cybermesh called Cybernode. This unit runs Cybermesh in a small server that can scan your user traffic before it exits the network while also ensuring that any processing that is done isn’t sent to the cloud. That is a good solution for schools or financial institutions like banks that really don’t want there to be any chance of the data getting out to anyone that shouldn’t have access to it. Plus, the Cybernode can be managed from the central Exium dashboard just like their Cybermesh cloud service, which means you can implement the same policies everywhere and be assured that they are implemented properly no matter where your users go.
Bringing It All Together
I like the approach that Exium is taking with bringing their solution down into the SME and mid-market. Too often the buzzword card is designed to pull in Fortune 500 money for solutions that are going to be swapped out in a couple of years. Exium has rightly realized that the market is more than just a few big companies. The real money can be made by ensuring that the backbone of the American business economy, the mom and pop shops out there, have access to adequate security in an increasingly hostile IT world. Exium is going to make sure that XDR is affordable and available for those that need it, not just for those that can overpay for it.
For more information about Exium and their Cybermesh and Cybernode solutions, make sure you check out their website at http://Exium.net