it comes to conducting business transactions over the
Internet, user names and passwords no longer suffice,
says Deepak Prasad, director, Rainbow Technologies.
He spoke to Network Magazine about new security trends,
his perception of the Indian security market and a new
company initiative called Instant Private Web. by Gaurav
How is the security segment moving?
I believe the security segment is poised for tremendous
growth. Security spending is also on the rise. As per
the KPMG report, the Security Software products market
will experience around 80 percent growth in the Indian
market place, and the total Indian security market is
going to be around $38 million. In the past two years
we grew at a very fast pace in India.
What is your perception about the Indian market?
The Indian market is pretty large in terms of customer
requirements. We have a unique opportunity because of
the work that we've done over the years. We have built
a team of experts here in India and we have a deep understanding
of the Indian market and market requirements. Our access
to this market is also very good. We are now looking
at playing a very strong role here. The Indian IT market
is still in its growing stage. And as far as security
products are concerned it has just begun to emerge.
What are the critical issues regarding Internet security?
As long as enterprises are connected via LAN within
their premises, it is self-contained. When you really
want to leverage the power of the Web then you are geographically
spread out at so many places, and the necessity of sharing
information is so tremendous. When this happens there
is a tremendous amount of comparative advantage that
the business stands to gain by leveraging the Web. When
you are trying to do this, at the back-end you are exposing
your systems as part of the public websites (corporate
From the client side you would want to ensure basic
things such as authentication and authorization. You
only want the right people to log in. Once these people
are able to get into your Web resources, you want to
be able to authorize different groups, like the HR guy
can only access the HR resources, not the sales resources
and so on. So, the movement is towards leveraging the
Web more and more. From a security standpoint there
is a risk. I think, it is basically this risk that is
currently driving the Internet security segments.
How serious are enterprises about security?
I would say, enterprises are very serious. The awareness
is growing. But, it is the gap in terms of security
that keeps them on the other side. In fact the increase
in awareness levels has helped enterprises in deciding
to leverage the power of the Internet. Especially, segments
like Banking & Finance, Software Publishing, Healthcare
and also the Corporates are very much concerned about
their IT security setup.
What emerging security trends do you see in the Indian
There are two major trends that I can see. One is the
distinct movement towards the Web. The power of the
Web to really bring together a vast supply chain network
and by doing this everything almost seems to be connected.
Enterprises are getting to understand this, and they
want to leverage that, and there is a lot of movement
that we would be seeing in the future in terms of applications
moving to the Web.
From a security standpoint, we would need to really
address the security concerns that arise out of applications
moving to the Web. Till date, most of the applications
like, financial accounting, Tally, etc. were standalone
applications. The Web was not a very successful medium.
But, things are changing now or have already changed.
Even customers have realized this, and they have also
the knowledge about different vendors' initiatives in
The second trend I see is the need to go beyond the
password. So, far we have been quite happy using the
traditional model of user names or passwords. As long
as you are really not trying to leverage business advantages
on the Web, this is absolutely fine. But the moment
you are trying to do that, one should not depend only
on a password that can be broken easily or shared between
There is a necessity to move to a level of security
that demands a critical factor, like authentication.
This is something, which we are already using very commonly
in terms of the way we do banking or the way we use
the credit card.
If you go to a shop and transact using your credit card,
does the shopkeeper only take your credit card number?
He does not. He also asks you to sign on the counter-foil,
because the number alone is not enough.
Similarly, the password or user name is not enough.
It has to be supported by another layer of security,
which has to be based on something that you are, or
something that you have. In case of credit cards it
is your signature that is so unique to you. And in other
cases, especially on the Internet, it is something that
you have and that's the token. So, on the Internet you
need something more than the password. So, I believe
the other trend is the removal of password from the
What offerings do you have for the enterprise as well
as for the Internet segments?
For the enterprise, we have come out with an initiative
called Instant Private Web. This is Rainbow's focused
foray into this segment. That is actually made possible
because of our offering called Rainbow NetSwift i-Gate.
This is basically an appliance, which takes care of
the integration to bridge the security gap. We have
introduced this offering in the market and at the same
point of time created the Professional Services Group
that actually takes away any further road-blocks that
any enterprise might have. Our sincere effort is to
help enterprises leverage the power of the Web.
Rainbow's offering is very wide. We have a very strong
position in the anti-piracy segment. We have already
sold 26 million hardware locks for the same. In India,
we have driven the mission anti-piracy.
In terms of anti-piracy and Internet security, Rainbow
offers end-to -end security. From the client side we
have i-Keys, and on the server side we talk about hardware
security modules, which are used by certification authorities.
In the Internet security segment, we are into providing
end-to-end security. We want to be extremely focused
in each of these segments, so that we are able to provide
the most that we can to each of these segments.
What's the uniqueness of Rainbow as a security company?
We are uniquely poised to address the Indian market.
And I think this advantage is unique to India for Rainbow
as compared to the other offices because of the proximity
and synergy that we have with our customers. This is
a fully functional office of Rainbow with a software
R&D center, a technical support team (this support
team also caters to the entire Asia Pacific market)
and the knowledge base that we have on the Indian market.
Security is a very different segment, as you need to
understand not only the technology but also the customer
requirements. And, we have a very deep understanding
of the Indian market and market requirements. No other
company enjoys this comfort. Our technical team consists
of those people who not only understand Rainbow products,
they also understand the needs and how to effectively
build up a security strategy for an enterprise. And,
this is the biggest advantage that we have over others.
Any future plans?
We want to take our dream further, by providing the
best services and solutions, and keep enhancing and
upgrading our products. Just beyond selling, we are
today poised to nurture the software products market
in India. We are also in the process of setting up a
Professional Services Group in India, to provide consulting
services to enterprises desirous of incorporating e-security
in various solutions for different vertical segments
like Banking, Healthcare and Government.
Gaurav Patra can be reached at firstname.lastname@example.org