For the past 15 years or so, security pros have relied on the trusty firewall and other hardware to keep bad guys from running amok on corporate networks. For the most part this has meant blocking tainted e-mails and keeping workers away from harmful websites. The latest wave of Web services—Skype, Google Docs, WebEx, Salesforce, etc.—has introduced fresh problems. They can make workers more productive, but they also transfer files, store data, and allow remote computer access in ways that can’t be easily patrolled by the standard sentinels, most of which were developed before these services even existed. Many companies either hope for the best or block the services they can’t control.
Nir Zuk has another option. He’s a veteran of the traditional firewall and security industry who struck out on his own six years ago to create a product for today’s Web. The company he founded, Palo Alto Networks, sells a next-generation firewall that makes modern Web services safe for the workplace and gives companies precise control over how their employees can use them. Instead of the all-or-nothing approach, a company with a Palo Alto Networks box can let workers access, say, the updates on a social network, but not click on links or share sensitive information. “Our customers don’t want to block Facebook,” Zuk says. “They want to use it, but they also want some control.”