Interview with Ratmir Timashev, CEO of Aelita Software

Ratmir Timashev brings a rare combination of business savvy and technical knowledge to his role as CEO of Aelita Software, allowing him to create a vision for the company that is forward-looking, realistic, and in sync with customer needs. Timashev has extensive entrepreneurial experience. In 1993, he founded and served as CEO for Midwestern Commerce, the predecessor to Aelita. Timashev holds a Master’s Degree in Chemical Physics from The Ohio State University.

Introduce Aelita Software to our readers.

Aelita provides software that focuses on migration and deployment, administration and provisioning, operations and security, and backup and recovery. Aelita products improve the usability and security of Windows, Active Directory, Microsoft Exchange and .NET infrastructures, while also extending Windows-centric network management to multi-platform enterprises. While we offer security-specific products in InTrust and Enterprise Directory Reporter, all our products are designed with security considerations in mind.

Which challenges do you face in the marketplace? What do you see as your advantages?

As an industry, I believe we need to rethink our definition of security. If you were to ask most technology people to define security, they would likely point to the blinking light in the data center, or their pager, or some other device that would alert them to an intrusion as it was happening. And that’s great. But there’s more to security than real-time monitoring.

IT security needs to be regarded in a holistic way, not just as a solution for a single point in time. We call that concept “operational security.” It means considering the security implications of every aspect of how you deploy and operate your systems.

Take, for example, the concept of building security. Generally, there are two types of security. The first is the door or window monitor that sounds when the door is forced open or the window is broken. The second is the video camera that records what happened leading up to the break-in, and what happened when the intruder entered the building. Most IT security products offer real-time monitoring. But organizations need to also consider the IT equivalent of a security “video camera.”

One of your products, InTrust, “offers consolidated security auditing and monitoring for Windows-centric and heterogeneous networks.” Introduce its features.

Aelita InTrust is that IT security “video camera.” It consolidates, archives, and analyzes IT audit data from across the network. InTrust allows companies to “recreate” the past to see what happened leading up to an attack, as well as what happened after the attack occurred. This type of information is essential to determine the scope of a security breach.

InTrust can also be used proactively. With the vast amount of IT audit data available through InTrust and its 1,100 reports, you can correlate seemingly unrelated events to detect a possible attack before it occurs.

Lastly, because of heightened security awareness, more and more organizations (and even industries as a whole) are setting forth new security policies and regulations. InTrust’s flexible reporting console can be used to create new reports specifically addressing compliance with these policies and regulations.

In your opinion, how important is a backup and disaster recovery strategy?

It’s critical. Organizations need to understand that while IT systems are good, they are unavoidably subject to potential failure. And there are always the unforeseen issues, such as natural disasters. Imagine the cost to your company if you couldn’t process an order, accept a phone call or access e-mail. It can be in the tens of thousands of dollars per minute. The ability to recover a system quickly and efficiently is absolutely critical.

Aelita also provides backup and recovery solutions. Give us some details.

Aelita offers two products – ERDisk for Active Directory and ERDisk for Windows. ERDisk for Active Directory allows administrators to remotely back up their Active Directory information to a central repository. It also allows admins to recover all of AD, a single object or a single object attribute without taking Active Directory offline.

Imagine if you are a multi-site organization with administrators throughout the United States and around the world. What if one of those admins accidentally deletes an OU, say the entire Germany OU? Without ERDisk for Active Directory, you would have to take a domain controller offline, find the latest tape backup of AD, recover all of AD, bring the DC back up, and start replication. This process could take hours – and worse, the German operation could not log on during this recovery period.

With ERDisk for Active Directory, the admin can, from his workstation, recover just that OU without having to take the domain controller offline. It’s a fast, efficient, invaluable tool for AD administrators.

ERDisk for Windows offers similar functionality for Windows System State information, so that if one of your servers or critical workstations experiences a failure, the System State information can be restored across the network, in most cases, in 10 minutes or less.

One of our customers, BF Goodrich Aerostructures, estimates that centralizing and automating ERD creation with ERDisk saves them 10 to 15 hours a month in administrative time at just one location. That adds up to $27,000 a year savings at that one location and they do this at six locations!

What do you see as the major problems in online security today?

Internal threats are the problem no one wants to think about. Organizations have spent a great deal of money to “keep out the bad guys” when in reality, most security breaches occur internally – caused by disgruntled employees, thrill seekers, or whoever. As I mentioned before, organizations need to understand that complete security is more than just intrusion detection.

We have another product that proactively addresses this situation. It’s called Enterprise Directory Manager (EDM). EDM is an Active Directory management platform that, by design, eliminates internal security threats by simply not allowing your administrators to have privileged access to Active Directory, arguably one of a company’s most critical databases. While all of our migration, administration and recovery products have security designed in, EDM is one of the best examples of this concept of “operational security.”

What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?

Here is where the idea of operational security comes into play. To have a really secure network, you must consider the security aspects of everyday operational activities. For example, many people don’t realize that a rogue user can gain broad administrative access with the Elevation of Privilege attack. Aelita discovered this vulnerability, and our tools can help you protect yourself.

There are also security issues raised during migration – permission settings can be lost when moving accounts, computers, mailboxes and public folders. Are your sensitive resources secure, both during and after migration?

And of course, there are issues such as how to enforce your Active Directory administration policies – how many users have administrative rights to make changes that can affect your entire forest?

There are many facets to security – the biggest challenge today is looking beyond intrusion detection to consider these broader types of questions.

What are your plans for the future

Our plan is to stay the course and maintain focus on three keys that have already contributed to our double- and triple-digit growth over the past five years. Those keys are:

Customer focus: Often, our customers speak directly with our development group. Because we remove the layers that can block communication, the real issues make their way directly to those responsible for making our products great.

Technology bias: Aelita currently dedicates more than 60 percent of its resources to R&D. This is a much higher level than most software companies.

Focus: We are the only company dedicated to the migration, administration, security and recovery of Windows-centric environments. We think that focus of our technology resources makes a big difference when companies compare us to the competition.