The “Soft and Chewy Centers” That Put Your Data at Risk

As corporations plow more data and money into cloud computing, criminals are following, and their digital hauls are getting bigger. This summer, for example, JPMorgan said that the accounts of 76 million U.S. households and seven million businesses had been accessed without authorization.

A well-funded startup launching today, called Illumio, claims that its software can reduce the incidence and extent of such breaches by taking a new approach to securing software running in data centers.

The company’s leaders include people with executive experience at the software virtualization company VMware, the networking equipment giant Juniper, and Nicira, a networking startup acquired by VMware for $1.2 billion in 2012 after pioneering a new approach to large-scale networking (see “A New Net”). Illumio has raised $42 million in venture funding.

The startup’s technology is designed to close a dangerous gap that has opened up as computing has come to revolve around large data centers with many networked servers inside, says PJ Kirner, cofounder and chief technology officer at Illumio. The interior of those complex networks is mostly unobserved or protected, meaning that attackers who manage to remotely access the computers can explore mostly as they please, he says. “There’s a soft and chewy inside to these data centers,” says Kirner.

The security technology protecting data centers today mostly takes the form of physical devices, such as firewalls, that form a barrier that monitors and can block traffic to and from the wider Internet. Those devices are not well suited to monitoring connections made inside a data center, where the flow of data frequently varies along with the demands placed on servers and software applications. Illumio’s technology changes that.

Servers inside modern data centers usually run multiple copies of Windows, or Linux-based operating systems at the same time. Illumio’s product works by attaching software “agents” to each of the operating systems inside every server. The data those agents send back to Illumio’s central control panel provide a global view of the data moving around inside a data center. Responses to suspicious activity can then be sent back to the software agents for enforcement—potentially shutting down hacking attacks as they happen.

The change is long overdue, says Mike Kail, chief information officer at Yahoo, a customer of Illumio’s. “Overall, network security solutions haven’t evolved for the past 20-plus years,” he says.

Illumio’s other customers include Morgan Stanley and the Japanese telecom company NTT.