Venafi: Securing the Digital Heart
healthcaretechoutlook

Venafi: Securing the Digital Heart

Follow Venafi on :

Jeff Hudson, CEO, VenafiJeff Hudson, CEO, Venafi
Cloud, mobile and IoT technologies have led to a dramatic digital transformation in the healthcare industry. Networks are exploding with machines, each of which has a digital identity that must be secured. But a dark world rife with cybercriminals lurking beyond the walls of today’s digital revolution. These predators want to break into networks by stealing machine identities, the digital hearts of connected devices.

The healthcare industry understands the importance of protecting critical human-related data, but unprotected machine identities can easily be breached by cybercriminals. Most healthcare organizations and care providers lack visibility into their machine identities within their network infrastructure. In addition, many have little awareness about their security posture, let alone which machine identities are active.

A security technology innovator with over 30 patents to its name, Venafi understands that “protecting machine identities is the foundation to protecting the digital world,” explains Jeff Hudson, Venafi CEO. To that end, healthcare corporations use Venafi’s robust platform to create a world where machines are fully protected.

“When machine identities expire, the critical elements of an organization cease to work. This can obscure visibility,” Hudson says. According to Hudson, organizations need to shift their attention from user identities to machine identities as well. “It’s crucial to have a clear understanding of which machines can access HIPAA information,” Hudson continues. If, for example, a machine storing HIPAA information falls into the hands of a cybercriminal or a nation-state, it could imperil the privacy of patients and leave healthcare organizations liable for regulatory penalties and litigation.

The Venafi platform secures machine identities by concentrating on three fundamental areas: visibility, intelligence and automation.


Protecting machine identities is the foundation to protecting the digital world


First, Venafi gives healthcare providers a clear view of the active machine identities with access to various network resources. Second, Venafi provides intelligence on the risks associated with those network resources at machine speed and scale. The platform’s continuous monitoring and reporting capabilities let users make sure only machines with legitimate identities are approved and implement policies to restrict access to sensitive data to these approved machines.

Third, the platform puts this intelligence into action by automating the issuance, renewal and if necessary, revocation of machine identities. The platform also helps clients avoid dreaded network outages by properly configuring keys and certificates of the machines in their network and ensuring they meet compliance requirements.

Let’s look at an example. One of Venafi’s clients, a Fortune 500 healthcare company, managed all their keys and certificates using a spreadsheet for tracking and management. Relying on manual processes made the client vulnerable to network outages as well as cyber attacks. After they became a Venafi customer, the client was able to prevent and remediate outages. Moreover, they were able to automatically update their public key infrastructure (PKI) through Venafi’s companion solutions. Ultimately, with Venafi’s robust platform, the client was able to improve their internal IT services, discover additional keys and certificates, and increase visibility.

Venafi delivers its innovative solutions to Global 5000 organizations, including the top five U.S. health insurers. The company also launched its Machine Identity Protection Development Fund in December 2018, which has set aside $12.5 million to train clients and build connectors between their solutions and the Venafi platform.

Bad actors are always evolving, and machines are quickly growing in types and complexity. In our modern era, Venafi succeeds in helping healthcare organizations tackle the many challenges brought about by the proliferation of machines—and their identities.

Venafi News

Venafi Secures $100M Financing Round Led by TCV

Salt Lake City - Venafi®, the leading provider of machine identity protection, today announced the closing of a $100 million round of financing, led by TCV with additional participation from existing investors, QuestMark Partners and NextEquity Partners. TCV is one of the largest and most respected providers of capital to growth-stage private and public companies in the technology industry and has backed industry-leading companies, including Airbnb, Alarm.com, Cradlepoint, Genesys, Netflix, Rapid7, Silver Peak, Splunk, Spotify and Zillow. As part of the transaction, TCV general partner, Jake Reynolds, joins Venafi’s board of directors.

The funding will be used to accelerate Venafi’s growth and to cement the firm’s growing market leadership. In addition to fueling growth, $12.5 million of the investment will be made available to third-party developers in the first tranche of the new Machine Identity Protection Development Fund. Venafi created the fund to accelerate the integration of machine identity intelligence into a wide range of machines in the enterprise and further enhance and expand the machine identity ecosystem. The fund will allow developers, including consultancies, systems integrators, fast-moving startups, open source developers and cybersecurity vendors to apply for sponsorship. This sponsorship will allow recipients to build integrations that deliver greater visibility, intelligence and automation for Venafi customers across any technology that creates or consumes machine identities.

“Identity is the foundation of security,” said Jeff Hudson, CEO of Venafi. “The cyber world is made up of machines, and all machines require identities for the cyber world to be secure. As a society, we understand the risks associated with human identity theft very well, and we spend over $8 billion per year protecting human identities. However, most organizations don’t yet understand the risks associated with machine identities and, as a result, spend almost nothing to protect them. This leaves our global digital economy at risk. TCV has a long history of partnering with the world’s leading technology firms, so we’re very excited about the opportunity to work with them. Their investment and expertise will help us ensure that the world’s machines, including hardware and software from smart machines, virtual servers, applications, containers, and more, are connected, safe and secure.”

Just as usernames and passwords are used to identify and authenticate humans, machine identities enable the trusted relationships between machines that control the flow of sensitive data. Because machine identities are poorly understood and often unprotected, they are subject to being exploited by cybercriminals. The Venafi platform protects the machine identities whose underlying technology is cryptographic keys and digital certificates by providing unparalleled visibility, intelligence and automation.

“The team at TCV is excited about our partnership with Venafi,” said Jake Reynolds, general partner at TCV. “DevOps and IoT are driving growth in the number of machines thanks to cloud computing, virtualization, and the proliferation of connected devices. Venafi is well-positioned to provide the machine identity protection for enterprise machines, and we look forward to supporting the Venafi team as they continue to scale in this rapidly expanding market.”

With over 30 patents, Venafi delivers innovative machine identity protection solutions for the world's most demanding, security-conscious Global 5000 organizations, including the top five U.S. health insurers; the top five U.S. airlines; four of the top five U.S. retailers; and four of the top five banks in each of the following countries: U.S., U.K., Australia and South Africa.

Venafi Expands Strategic Partnerships in Japan

Salt Lake City - Venafi, the leading provider of machine identity protection, today announced the expansion of its international business in Japan through a new partnership with GMO GlobalSign and master partner NSD Business Innovation.

The Importance of Machine Identities

As organizations focus on the digital transformation of their businesses, encryption has emerged as the cornerstone of security and privacy. Digital certificates and keys are essential to security and privacy because they serve as machine identities. In this role, they control the flow of sensitive data to authorized machines and are used in nearly every sensitive digital transaction, from website transactions and mobile and IoT devices to robots, artificial intelligence algorithms and containers in the cloud.

In addition to this pivotal security role, machine identities also have a major impact on operational stability. When they expire unexpectedly, the device or service using them cannot communicate. Unfortunately, the practices needed to protect them are not well understood or widely followed. As a result, many Japanese organizations suffer from certificate-related outages that negatively impact customer confidence and revenue.

Strategic partnership delivers new solution

Through this strategic partnership, NBI will provide the Venafi technology to customers with specific challenges in managing and automating the lifecycle of digital certificates. Venafi provides comprehensive visibility, intelligence and automation necessary to protect machine identities no matter where they are used in the extended enterprise. As a result, customers eliminate certificate-related outages, reduce security risks and improve compliance with industry regulations.

Special Introductory Offer

To commemorate this strategic partnership, the three companies have created a special, no-cost program for three qualified companies that will discover weak, vulnerable and expiring certificates. If these certificates have not been issued through Global Sign, they can be automatically replaced with new certificates issued by Global Sign. The program will demonstrate how the customers can automate the entire certificate lifecycle and proactively replace certificates before they expire. The assessment will also discover security and compliance risks and provide actionable advice to resolve these issues. This new program is available from April 11, 2019 through July 10, 2019.