Credant Technologies: Making a NameBy Darrell Dunn | Posted 2007-08-14 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Credant offers an alternative to full-disk encryption.
Gartner tracked about two dozen vendors in its 2006 mobile data protection market evaluation. Most of those companies and their products have been introduced in the past five or six years as the need for securing data has grown. One of the vendors that emerged quickly is Credant Technologies.
Since its founding in 2001, Addison, Texas-based Credant has sought to create a portfolio for managing and securing all types of mobile devices by encrypting files based on corporate policies. Gartner analyst John Girard says Credant has been among the most successful of the numerous vendors in the data protection market in large part because of its ability to create an efficient alternative to full-disk encryption.
Since releasing its flagship Credant Mobile Guardian platform in June 2002, the firm has sold more than 2 million seats in about 400 customer installations, the company says.
The flexibility of what co-founder and chief technology officer Chris Burchett calls "intelligent encryption" has attracted a growing number of businesses. Mobile Guardian enables users to protect files by type or creator, based on the policy of a specific business rather than simply by its location on a hard drive of a mobile computing device.
Professional services firm Grant Thornton decided early in 2006 that it didn't want to be the next organization to make headlines disclosing the loss of a mobile computing device, says Kirk Halliday, manager of the systems administration group.
With approximately 6,300 laptop computers and handheld devices within the company, executives became increasingly leery of possible damage from the unfortunately realistic chance that one or more of those systems was stolen or lost.
Halliday tested both disk-level and file-based encryption products before selecting Credant, which it combined with Absolute Software's Computrace, a LoJack-type tracking technology for laptop computers; Computrace uses a software client embedded in the system that can track the computer when a user attempts to log on to the network.
Mobile Guardian is used to encrypt all of the company's files related to accounting and tax work, as well as business advisory services provided to clients by the mobile employees. The encryption is determined by corporate policy; the individual mobile user doesn't have to make any additional effort to ensure the appropriate files have been protected.
Credant's "transparency" to end users was also important, Halliday says. "They continue to run their applications as normal and save files in the same fashion as always, and if our policy has determined it needs to be encrypted, it is, and if not, it is not encrypted," he says. "It's efficient in that it doesn't have the overhead of full-disk encryption."
Rob Marti, director of information security for Integris Health, an Oklahoma City-based healthcare provider, says the growth in regulations protecting patient data that began late last decade, combined with increased use of PDAs by its doctors and related staff, led Integris Health to be a beta customer for Credant beginning in late 2000, before the company's launch.
Integris Health is using Mobile Guardian to manage about 200 PDAs and is deploying the technology to about 150 laptops used within its hospitals. Marti says he has been particularly pleased with Credant's response to requests to add encryption support for various mobile platforms as they have grown in use and popularity.
Burchett believes that Credant's data protection platform is gaining momentum in the market because it was designed with the input of nearly 200 CIOs who were consulted as the company was formed. The initial years for the company have been spent attempting to educate potential users on the benefits of policy-based encryption, he says.
"Those CIOs told us repeatedly that they needed stronger security and end-user transparency, as well as transparency in the I.T. operational process," Burchett says.
"The devil is indeed in the details, and for the level of protection many businesses require today, an intelligent way to enforce protection according to rules established by the company."
Source: Company Reports