Many leaders strive to tackle the most pressing needs of the industry. Rajesh Khazanchi, CEO and Co-Founder at ColorTokens, a SaaS-based zero trust cybersecurity solutions company is one such problem solver. He has spent much of his career determined to improve cybersecurity readiness of many organisations. And he's good at it!
In this interview with ET Insights Khazanchi speaks about his company’s zero trust offerings that’s simple and build for today’s digital age. Edited Excerpts:
Can you tell us about ColorTokens? What problem are you looking to solve?
Over the last decade we have seen data centres move to cloud, and the concept of network perimeter become meaningless. People use multiple devices to access their work assets, irrespective of their location. Applications have transitioned from monolithic, to multi-tier, and now to containerized API-based architectures. In short, the compute, storage, and networks have all undergone a transformational change.
And while all this happened, the construct of security completely changed. The traditional security perimeter is almost non-existent and continues to vanish by the minute. It has become a node of one. If I move anywhere, security needs to move with me. Implementing security in a such a fluid environment is difficult.
Security did not evolve along with these developments, it remained siloed, and hardware based. This resulted in the genesis of ColorTokens. Our aim is to accelerate and simplify the implementation of zero trust security framework for enterprises by providing a robust segmentation and access solution on a single platform, all delivered through a SaaS model.
How does ColorTokens define the concept of Zero Trust? How do you fit into what is becoming a crowded marketplace of solutions?
Zero trust is often misunderstood, and many organisations who adopted the concept, find it extremely difficult to implement. It is not about a point solution such as identity management or network segmentation. It is not a product. Implementing a zero trust model takes time, but it will reward businesses in terms of a better security posture in the future.
We have taken an end-to-end approach to zero trust that spans cloud workloads, containers, dynamic applications, endpoints, devices, servers, and users.
With such rapidly changing dynamics, the only way to secure enterprise data is to implement a framework that assumes one is already breached or will be breached. ‘Never trust, always verify’ is the norm.
Reaching a state of zero trust will take years. Is this a concern for enterprises?
Zero trust is not a switch that one can flip. Imagine a rock-solid test player who on an average scores 50 runs in 200 balls. Can you imagine the player to enter T20 format and score a100 of 50 balls? How much can the player change and reach a high-level of performance?
Using outdated/older tools to understand new tricks of the trade is extremely hard. This is because they are based on the constructs of traditional networks.
If someone says that I will use my traditional networking tools to implement segmentation, good luck to them. This is where the zero trust journey takes a wrong turn, and in such a case it will certainly take years to reach a zero trust level. We do this in record time, protecting enterprise environments within weeks versus months.
Security programs are shifting from a prevention to a resilience strategy. How are you enabling the resilience piece?
Chief Information Security Officers want their organisation to become resilient. They want to know that in case of a cyberattack, how quickly can they recover.
Minimise the blast radius of a potential attack. If one can reduce the attack surface, and contain the attack, they are in a good position.
Micro-segmentation policies can prevent lateral movement and reduce the attack surface. Identity, segmentation, and access are the three core things that needs to be looked at while implementing a robust security strategy.
CEO and Co-Founder at ColorTokens
What has been your India story? Can you also speak about your overall growth and expansion? What next?
We have made significant investments in India, and we will continue to do so. Today we have a 250-member team in the country.
Globally, we have witnessed 8X growth over the last 12 months. We are expanding our footprint into Singapore. We are also thinking of doubling our sales team over the next few months worldwide.
Implementing a zero trust framework is high on the priorities for every federal organisation. It is not an option; it is a mandate. There are many large organisations and some federal agencies in the US who use our zero trust security platform.
Implementing zero trust doesn’t have to be confusing or time-consuming. It doesn’t have to throw a wrench into your core business operations. We will continue to simplify, accelerate, and automate micro-segmentation and zero trust security.
