ColorTokens Strengthens Zero Trust With PureID Acquisition
PureID Passwordless Authentication Tool Will Boost ColorTokens Microsegmentation
ColorTokens purchased an identity management startup founded by an ex-leader of Citrix, Symantec and IBM to drive the shift from traditional network segmentation to identity-based segmentation.
The San Jose, California-based microsegmentation vendor's purchase of Royston, England-based PureID will bring microsegmentation and passwordless authentication together to guard cloud operations, said CEO Rajesh Khazanchi. Identity-based microsegmentation is particularly critical in cloud environments since identity-based controls are vital to ensuring security across diverse applications and services.
"Cloud operations are done predominantly by looking at cloud objects and running it or managing it through the identity space," Khazanchi told Information Security Media Group. "We have to do a fantastic job in areas where cloud deployments are there, and a majority of those cloud deployments are managed through identity, so identity-based segmentation becomes one of the core principles."
PureID, founded in 2019, hasn't raised any outside funding and employs at least 20 people on its technical team as well as 10 to 15 nontechnical personnel, Khazanchi said. The company has been led since inception by Ajit Hatti, who spent a year as a product security manager at Citrix, two years as a senior software engineer at Symantec and more than three years as a senior software engineer at IBM.
All of PureID's employees have transitioned to ColorTokens, and Khazanchi plans to double the size of the PureID team in the coming years to support the expansion of identity-based network segmentation. Hatti will serve as chief technology officer for the PureID business, according to Khazanchi (see: Is Microsegmentation for Zero Trust Defenses Worth It?).
From Network to Identity-Based Approaches
Microsegmentation has in recent years shifted from network-centric to identity-based approaches to marry network and identity principles and help achieve zero trust in modern cloud environments. In traditional data centers, segmentation was done through VLANs, but with the rise of cloud operations, identity-based management became critical due to the nature of cloud resources, Khazanchi said.
"If you have a zero trust authentication system, then you are marching toward the vision of zero trust microsegmentation," he said.
PureID's passwordless approach to authentication made it stand out from the pack of identity-based tools, and Khazanchi said client feedback prompted ColorTokens to evaluate the company as a potential acquisition target. The deal closed in the spring, and ColorTokens has already completed a foundational integration, meaning that existing customers can easily use PureID's zero trust authentication features.
By the end of 2024, Khazanchi said, PureID's zero trust authentication feature will be fully incorporated into the ColorTokens microsegmentation platform, which will enable the application of identity-based policies across cloud services. Khazanchi said this integration is expected to enhance security for customers in environments in which options for traditional network-based segmentation are limited.
"Today, if you see any of the segmentation solutions, they are very network-centric," Khazanchi said. "It's IP port protocol. That's where the policies are applied. We also want to apply policies based on the identity of these elements, so that integration would happen towards the Q1 of next calendar year."
Will Identity and Microsegmentation Enjoy a Happy Union?
By bringing identity-based authentication into ColorTokens, Khazanchi said, the company can offer stronger, more granular security controls for services that operate in environments beyond the customer's direct network, such as cloud-based services. The company is initially focusing on five verticals for adoption of PureID: banking, healthcare, energy, manufacturing and federal government.
"We'll offer bulletproof security on every single platform," Khazanchi said. "Whether you are in a data center or in your cloud environment, or you're in a microservices-based environment or API environment, we'll be able to provide that entire segmentation solution on top of that."
The adoption of microsegmentation has historically been slow, due in part to the long-standing separation between identity and network-based security technology, and Khazanchi hopes to bridge that gap by more seamlessly integrating identity into microsegmentation through PureID. He said the focus is on providing customers with quick, scalable solutions that can be implemented within 30 days.
"There's a layer of protection needed for identity, because when they started 15 years back - at that time, multifactor authentication was a fantastic solution," Khazanchi said. "But our attackers are also getting smarter, and that is why the '15 years back' essential solutions are not going to be relevant."