Interview with Ratmir Timashev, CEO of Aelita Software
by Mirko Zorz - Friday, 5 February 2003.
It's critical. Organizations need to understand that while IT systems are good, they are unavoidably subject to potential failure. And there are always the unforeseen issues, such as natural disasters. Imagine the cost to your company if you couldn't process an order, accept a phone call or access e-mail. It can be in the tens of thousands of dollars per minute. The ability to recover a system quickly and efficiently is absolutely critical.

Aelita also provides backup and recovery solutions. Give us some details.

Aelita offers two products - ERDisk for Active Directory and ERDisk for Windows. ERDisk for Active Directory allows administrators to remotely back up their Active Directory information to a central repository. It also allows admins to recover all of AD, a single object or a single object attribute without taking Active Directory offline.

Imagine if you are a multi-site organization with administrators throughout the United States and around the world. What if one of those admins accidentally deletes an OU, say the entire Germany OU? Without ERDisk for Active Directory, you would have to take a domain controller offline, find the latest tape backup of AD, recover all of AD, bring the DC back up, and start replication. This process could take hours - and worse, the German operation could not log on during this recovery period.

With ERDisk for Active Directory, the admin can, from his workstation, recover just that OU without having to take the domain controller offline. It's a fast, efficient, invaluable tool for AD administrators.

ERDisk for Windows offers similar functionality for Windows System State information, so that if one of your servers or critical workstations experiences a failure, the System State information can be restored across the network, in most cases, in 10 minutes or less.

One of our customers, BF Goodrich Aerostructures, estimates that centralizing and automating ERD creation with ERDisk saves them 10 to 15 hours a month in administrative time at just one location. That adds up to $27,000 a year savings at that one location and they do this at six locations!

What do you see as the major problems in online security today?

Internal threats are the problem no one wants to think about. Organizations have spent a great deal of money to "keep out the bad guys" when in reality, most security breaches occur internally - caused by disgruntled employees, thrill seekers, or whoever. As I mentioned before, organizations need to understand that complete security is more than just intrusion detection.

We have another product that proactively addresses this situation. It's called Enterprise Directory Manager (EDM). EDM is an Active Directory management platform that, by design, eliminates internal security threats by simply not allowing your administrators to have privileged access to Active Directory, arguably one of a company's most critical databases. While all of our migration, administration and recovery products have security designed in, EDM is one of the best examples of this concept of "operational security."

What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?

Here is where the idea of operational security comes into play. To have a really secure network, you must consider the security aspects of everyday operational activities. For example, many people don't realize that a rogue user can gain broad administrative access with the Elevation of Privilege attack. Aelita discovered this vulnerability, and our tools can help you protect yourself.

There are also security issues raised during migration - permission settings can be lost when moving accounts, computers, mailboxes and public folders. Are your sensitive resources secure, both during and after migration?

And of course, there are issues such as how to enforce your Active Directory administration policies - how many users have administrative rights to make changes that can affect your entire forest?

There are many facets to security - the biggest challenge today is looking beyond intrusion detection to consider these broader types of questions.

What are your plans for the future


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th