Executive Interview With Craig Lund, CEO and Garret Grajek, CTO of SecureAuth

CEO Craig Lund is a seasoned technology-industry veteran with over 25 years of experience managing high-performing teams in some of the world’s leading technology companies and startups. Under his leadership, SecureAuth has become one of the recognized leaders in identity enforcement. Before joining SecureAuth in 2005, Lund worked for IBM where he was a member of the World Wide Security Management division and was responsible for Security Sales Teams for the United States, Canada, and Latin America. He developed and managed the execution of sales strategy for five security product lines that resulted in more than $100 million of annual revenue.

Garret Grajek, CTO is a CISSP-certified security engineer with more than 20 years of experience in the information security and authentication space. As Chief Technical Officer and Chief Operating Officer for SecureAuth Corporation, Garret is responsible for the strategic direction of the company’s Identity Enforcement product offerings. Prior to co-founding SecureAuth, Grajek held leadership roles at some of the world’s leading technology companies including Cisco and IBM, where he was responsible for consumer and network security products.

Droid Report recently interviewed SecureAuth about Craig and Garret’s current roles, discussing industry insights.

Craig Lund, CEO and Garret Grajek, CTO

Droid Report: Hello Craig, could you tell us more about your current role as CEO of SecureAuth and your initiatives for 2014?

Craig Lund: Of course, the number one initiative for companies in SecureAuth’s stage is growth. We have put a plan together to once again double the revenue of the company in 2014, and we have some exciting initiatives in areas like mobile identity security that should help us achieve that goal.

Droid Report: How do you see organizations further evolving in the future with security solutions and mobile?

Craig Lund: Organizations are moving beyond traditional security solutions like standard user authentication and SSO. For 2014, the organization is looking for an integrated solution that addresses security as a process that begins with consuming an identity from any source then authenticating the user with the method of their choosing based upon the value of the resource.

More and more the authentication is not one thing but rather a collection of attributes that collectively paint a picture that is in fact the identity of the user. Our mission at SecureAuth is to provide an integrated platform that facilitates the "SECURE" exchange of attributes for use in fields like healthcare and law enforcement.

Droid Report: What are some challenges which you see companies today in the industry are faced with?

Craig Lund: Security software is too expensive, too hard to deploy, and too hard to use. Security companies need to make inexpensive solutions that are easy to deploy and have no user friction. That is what we strive to do every day at SecureAuth.

Droid Report: Hello Garret, could you tell us more about your current role as CTO of SecureAuth and your initiatives for 2014?

Garret Grajek: As the CTO and technical founder of SecureAuth, I see my role as being the chief spokesman for the existing technology, unique methodology, and innovation of new technology.  

The key initiatives of 2014 will be:

• Integration of risk-based authentication mechanisms, including geo-velocity and third-party risk assessment tools.

• Release of cloud-based authentication with zero enterprise footprints, including PUSH Authentication and without PII storage of identities in cloud to avoid the SnapChat/Target PII type of attack.

• Release of mechanism for easier profile information transfer with up to 200+ attributes that can be transferred to desktop, web, cloud, and mobile apps and auditable for compliance regulations, like Law Enforcement (GFIPM) and Healthcare (Meaningful Use).

Droid Report: Could you share some of the latest news or technology updates about SecureAuth IdP?

Garret Grajek: SecureAuth will be executing Identity Provider (IdP) and cloud-based integration to major development platforms, like Embarcadero Mobile IDE, Eclipse IDE, and Canonical Juju.

SecureAuth IdP also now supports systems for encrypting and data-at-rest, based on enterprise user identities without needing certificate authority or escrowing of keys.

Droid Report: Is there anything else you feel Android users and the Android market should know?

Garret Grajek: SecureAuth includes a dropdown for SecureAuth authentication in major Android development tools and recently won Best Mobile Security Solution at the Barcelona 2014 Mobile Awards for integrated 2-Factor Authentication and SSO for Android mobile applications.

SecureAuth supports full security object registration/inventory/revocation, like NFC Proximity Cards, PUSH Notification Apps, X.509 Certificates, and USB Keys that are extensible to other objects.

SecureAuth Corporation, creators of the groundbreaking SecureAuth Identity Provider™ (IdP) solution for the borderless enterprise, was co-founded by CEO Craig Lund and CTO Garret Grajek in 2005. SecureAuth IdP turns any enterprise into an identity provider capable of enforcing 2-Factor Access Control in a single, cost-effective solution. Fueled by the cloud and mobile phenomenon and the security requirements these disruptive computing platforms require, SecureAuth has experienced an accelerated rate of growth. SecureAuth IdP is the only solution that combines SSO with native 2-Factor Authentication in a single product across all platforms. This is a radical departure from the “old school” approach to deploying and maintaining separate authentication and SSO products – an approach that simply doesn’t work for cloud or mobile.

We would like to thank Craig Lund, CEO and Garret Grajek. CTO for taking the time for this discussion and SecureAuth.