Home » Tim Eades: Creating Simple And Intuitive Application Security For Hybrid Cloud
The 10 Most Prominent Personalities in the Security Industry, 2018

Tim Eades: Creating Simple And Intuitive Application Security For Hybrid Cloud

Tim Eades

“While hybrid or multi-cloud adoption may cause short-term security concerns, modern cloud-native security companies will help make security and its operational elements easier and more effective,” shares Tim Eades, when asked about the current scenario of the industry. Tim is the CEO of vArmour, a Silicon Valley-based leading security solutions provider company.

With over 20 years of leadership experience in sales, marketing, and executive management, Tim has deep expertise in driving high growth for companies that deliver computing, security, and software to enterprises. According to him, in today’s digitally advancing world, enterprises move to more agile and dynamic infrastructure to reduce cyber-attack surface.

Tim’s passion for security started in the early 2000s. When 9-11 happened, everything became about security – physical and digital. The memory of hearing planes patrolling the airspace above where he lives in Los Altos, still hangs with him today. Because of 9-11, everyone began questioning the security infrastructure of the world’s most powerful country. Those incidents made him think of how technology could help secure the world from threats and attacks. Consequently, he dived deep into the security space and today he is leading vArmour, a prominent cloud security solutions company.

Cyber-attacks On the Rise – What vArmour is Doing About It

Ponemon Institute and Accenture study shows that cyber-attacks are on the rise with security breaches continuing to increase 27.4% annually. In such a threat-prone environment, application security management has always been challenging for security solutions providers. It’s a struggle to get visibility of the application communications in private cloud environments and the problem worsens with the rapid expansion to public cloud. Without clear visibility, it’s difficult to secure these hybrid cloud applications, manage their risk, and comply with audit and compliance mandates. vArmour was started to solve these challenges.

Shipping software for 3 years with a long roster of happy customers, the leading security solutions provider company has focused on the solution to this problem with its hybrid cloud application controller technology. The vArmour Application Controller auto-discovers application to application communications in hybrid cloud environments, builds powerful application communication policies, and then enforces those policies wherever application components run. Only vArmour is able to do all this without appliances, agents, or heavy services engagement.

Learning From Role Models and Mentors

Mentors and role models are like pieces of a jigsaw puzzle and each brings different contextual data and knowledge. Tim learned from the experience, struggles, and unique strategies of his role models. Tim doesn’t like to work sitting in room, but rather, he prefers a walk with executives, mentors, and role models because he finds it helpful for both of them. Having numerous mentors in his life, the intelligent CEO of vArmour sought out a variety of people who he respects and who have challenged industries and traditional thinking to provide their extraordinary offerings. Tim shares that his role models include Parker Harris, the Co-founder and CTO of Salesforce.com, Jay Simons, the President of Atlassian, and Amit Yoran, CEO of Tenable.

Working as a CEO at vArmour

Being a CEO is a thrilling, exciting but also lonely job at times. The CEO is there to create direction, help direct the traffic, look after the customers, excite and empower the employees and you can only to do this role if you truly LOVE IT.

The energetic CEO of vArmour always learns more from failures than from victories. Regardless of the outcome, however, the biggest thing is to not lose the lesson. He advises to writes down your failures, mistakes, or challenges to help you remember and get clarity on exactly what they were, why, and how they were surfacing.

When it comes to his employees, Tim recalls Winston Churchill, that he used to say that a positive thinker sees the invisible, feels the intangible, and achieves the impossible. At vArmour, Tim and his team are surrounded by these “positive thinkers” and he loves it as it is addictive as well as motivating. Especially in the field of cyber security, he believes that as the world is becoming more and more vulnerable, it will need these “positive thinkers” to make it more secure.

The vArmour Approach

Tim realized that without a good understanding of clients’ applications, it is very difficult to create security policies and to secure applications. Adding the extra complexities of supporting applications across the hybrid cloud, the problem becomes even greater. In response, Tim and his dedicated vArmour team devised a patented solution called the vArmour Application Controller.

The Application Controller provides application policy visibility, computation, and management but it does it at massive scale and makes it extremely simple. “Scale” and “simplicity” are product capability paths that often split off in very different directions, but Tim and his team have made them both core design principles.  Tim added they have made massive strides –over the last 18 months especially. “At vArmour, customers are our center of gravity and by living that focus we have become cash flow positive and continue to grow at a great rate,” says Tim.

The vArmour Application Controller supports a variety of security policy models including best practice enforcement and zero trust whitelists. The policy creation is automated via policy computation, and allows the operator to curate the computed policies before deployment, including full validation and testing. Policies for each workload may be drawn up based on type of workloads like database, app, web, etc., and their intended use such as production, development, operations, etc., and the types of data counting personally identifiable information, financial records, etc. Application Controller is supported across virtualized, cloud, or container environments.

Tim’s Key Strategies for Protection

Whether it is payment or billing systems, databases, critical infrastructure, electronic health records, or ERP systems, Tim with his team has been protecting critical applications using the following key strategies:

  1. Discover and Understand
  • Auto-discover applications to visualize and understand app-to-app communications
  • Single view of applications running on multiple computing platforms (physical, virtual, container) across public and private clouds
  • Inventory all of your business applications to better understand your environment and to augment CMDBs
  1. Compute and Validate
  • Automatically compute intent-based security policies, e.g. “How do I create segmentation policies for applications I don’t understand?”
  • Out-of-the-box compliance templates for fast time to value
  • Simulate expected policy outcomes based on modeling policy against traffic history so you can deploy with confidence
  1. Protect and Monitor
  • Deploy consistent policy across hybrid cloud infrastructure from a unified console
  • Policy automation assures continued adherence to policy compliance as workloads are instantiated or migrated
  • Security reports for Active Directory and SQL with detailed insights aligned with security recommendations from PCI, CIS benchmarks, and more.

Future of Security

“Hacking will be even more sophisticated and targeted. As polarization in the world occurs, the cyber-attacks will become more widespread and will have far greater impact on the daily lives of people in many ways consumer privacy is dead. For security vendors only products that balance security efficacy, simplicity (to implement and use) and scale will survive –cloud is driving this and these trade winds are only going to get stronger and it means real trouble for legacy security companies.”– Tim Eades