Encryption of data itself is paramount and needs to be persistent

During the past 10 years, PGP® technology has earned a reputation for innovative, standards-based, trusted solutions. PGP products are designed to be both user and network-friendly. They have earned a reputation for excellence based on their high technical standards and the practical experience of long-term users. PGP Corporation is committed to standards-based, nonproprietary technologies, ensuring wide compatibility among deployments. In addition, PGP Corporation is the only commercial security vendor to publish product source code for peer review. The unique PGP® Encryption Platform is the cornerstone of PGP product offerings. The PGP Encryption Platform provides a single, leveraged, extensible architecture that reduces IT operational costs and eliminates the duplicative tasks, systems, training, and support issues that plague other approaches. Unlike point solutions that address a single threat or cobbled-together product suites that lack integration, the PGP Encryption Platform delivers an integrated encryption framework across the broadest range of encryption applications.

Name: Phillip Dunkelberger
Age: 50
Position: President and CEO
Popularly known as: Dunk
Previous jobs: Vice President of Sales, Symantec Corp.; CEO, PGP Inc.; President and COO, Vantive; President and CEO, Embark; Entrepreneur-in-Residence, DCM
Education: Westmont College, Santa Barbara, CA BA Political Science
Family:  He and wife Leslie have two cats, Ripley and Riley 
Residence:  Saratoga, CA
Other interests:  Reading, photography, snorkeling and making wine
Favorite Charity:  ASPCA, Marine Mammal – World Wildlife Fund

In the following interview, Phillip Dunkelberger, President and CEO - PGP Corp discusses 1:1 with Rake Narang, Editor-n-chief of Network Products Guide, key threats and protecting corporate assets.

Rake Narang, Editor-n-Chief - Network Products Guide: What are the key threats to enterprises today and how do PGP solutions help enhance security?

Phil Dunkelberger, President and CEO - PGP Corp: There are three main areas of threats:

1. Internal and external threats – A major threat to enterprises today is people (both inside and outside of the organization) accessing data that they shouldn’t have access to, even if they don’t have malicious intentions. People don’t always realize that they’re doing something insecure, for example, the use of mobile devices that may not be properly protected.

2. Supply chain threats – Within an enterprise, information is shared among your ecosystem of suppliers and partners, which can lead to a greater propensity for loss of data and intellectual property. Basically, the more people touching your data, the more chance you have of it falling into the wrong hands. Even though it may not be malicious, many partners may also be working with your competitors and could end up sharing your valuable IP data.

3. Inbound, malicious attacks from criminals – Another major threat comes from outside criminals using malware/trojans in order to steal data. Malware brings down a Web site and most companies will do whatever necessary to get their website, ecommerce engine back up and running as quickly as possible. They often act before taking means to ensure that data behind that site is protected or encrypted. Hackers take advantage of this oversight and leave this malware or trojan on those downed systems which can later be used to exploit data.   Keep in mind today’s criminals are getting more savvy and patient – they will plant the malware/trojan and come back later to retrieve your unencrypted data.

How can companies combat these threats; encrypt the target of these attacks - the data.  Data must be secure at its source, at the perimeter, in transit – wherever it lives or moves. Just as data is ubiquitous, security needs to be ubiquitous as well. PGP’s data encryption solutions protect data at all points – both inside and outside the enterprise, from e-mail to instant messaging to file transfers and more.

Data leaks and breaches, when they happen, put the enterprise out of compliance with state, federal and even international laws.  In addition to providing comprehensive security solutions, PGP’s products also help companies comply with various standards (such as PCI and HIPAA).  

 
"Keeping data secured is important and PGP Corp has solutions that are suitable for integrated applications in enterprises."

Rake Narang: What are the latest products and services provided by PGP Corp? How are PGP Corp solutions different from others?

Phil Dunkelberger: PGP’s newest product is PGP Mobile, which allows enterprise users to easily protect data on smartphones. Also, PGP has recently announced that PGP Universal Server with Gateway Email and key management are currently undergoing Common Criteria evaluation, which is quite significant within the industry.  

The PGP Platform is our differentiator. Lots of vendors claim they have a platform approach, but it isn’t one that gives the customer a choice. PGP does. The PGP Encryption Platform is a set of integrated applications that secure e-mail, laptops, desktops, instant messaging, smartphones, network storage, file transfers, automated processes, and backups, among others. By implementing these applications, an enterprise can prioritize its security needs and effectively implement an enterprise data protection strategy.  The beauty of the PGP Encryption Platform is that third parties can also integrate to it.

A recent study from the Ponemon Institute shows that enterprises want to use one vendor for all of their encryption needs. It also shows that enterprises need their platforms to be open and extensible. We provide our customers with these capabilities and truly offer defense in depth.

Along with the Platform, PGP also offers a number of enterprise solutions including:  PGP Whole Disk Encryption (WDE), which comprehensively secures all files on desktops, laptops, or removable media; PGP NetShare which provides security for files shared on network servers; PGP CommandLine, which is an automated encryption and digital signing solution for batch-processed data, network transfers, and backups on servers or mainframes; and the PGP Support Package for BlackBerry, which provides e-mail security for BlackBerry users. The PGP Universal Server is an extensible framework for central management and deployment of the above PGP encryption applications.

In addition, PGP offers a number of solutions for desktop users including: PGP Desktop Professional, which protects sensitive data in e-mail, instant messages, and on removable media; PGP Desktop Storage, which secures data on laptops, desktops, and shared on file servers; and PGP Desktop Enterprise, which secures confidential data throughout the enterprise.

Rake Narang: Will the security vendors always be playing a catch-up game with malware? How do you see the security products and services evolving 2-3 years from today?

Phil Dunkelberger: As long as vendors and customers are using signature-based security and not protecting their data, they will be playing catch-up. The valuable assets that malware goes after is the data.  People have to protect their corporate assets.  Threats are constantly evolving, so the focus needs to be on the data and protecting it at its most fundamental state.

I see evolution occurring as security goes deeper into the infrastructure, such that it is a combination of hardware and software.  While devices like smartphones create new opportunities for threats, we need to continue to innovate solutions that address the data regardless of where it resides.  Encryption of data itself is paramount and needs to be persistent.

All About PGP Corp
Head Office Address: 200 Jefferson, Menlo Park, CA
Founded in: 2002
CEO: Phillip Dunkelberger
Public or Private: Private
Investors: DCM (Doll Capital Management), Venrock Capital, Silicon Valley Bank Ventures, DE SHAW, Intel Capital
Number of Employees: 330
Products:

PGP Enterprise Applications

• PGP Universal™ Gateway Email – Centrally managed secure email without client software.
• PGP® Whole Disk Encryption – Comprehensive disk encryption for securing all files on desktops, laptops, or removable media.
• PGP® Desktop Email – Desktop-based email and instant messaging encryption for desktops and laptops.
• PGP® NetShare – Security for files shared on network servers.
• PGP® Command Line – Automated encryption and digital signing for batch-processed data, network transfers, and backups on servers or mainframes.
• PGP® Support Package for BlackBerry® – PGP email security for BlackBerry device users.
• PGP® Mobile – Comprehensive data encryption for smartphones and removable storage cards.

PGP Management Console

• PGP Universal™ Server – An extensible framework for central management and deployment of the above PGP encryption applications.

PGP Product Packages

• PGP® Desktop Professional – PGP Desktop Email & PGP Whole Disk Encryption protect sensitive data in email, instant messages, and on removable media.
• PGP® Desktop Storage – PGP Whole Disk Encryption & PGP NetShare secure data on laptops, desktops, and shared on file servers.
• PGP® Desktop Enterprise – PGP Desktop Email, PGP Whole Disk Encryption, & PGP NetShare secure confidential data in email, on laptops and desktops, and shared on file servers.

Company’s Goals: To continue to be the leader in enterprise data encryption solutions   
Awards Won:

• 2008 Red Herring 100 North America Finalist
• Wall Street Journal Technology Innovation Award for Network Security 2007
• CNET Networks UK Business Technology Awards,  2007 Security Product of the Year Finalist
• TechWorld Awards 2007, Encryption Product of the Year
• Info Security Products Guide, 2007 Global Product Excellence Award (won 2)
• Initiative Mittelstand, Germany, Innovationspreis 2007 ITK: IT Security