General security

Interview: Patrick Oliver Graf, NCP engineering

Infosec
July 31, 2015 by
Infosec

POGrafPatrick Oliver Graf is CEO, Americas, of NCP Engineering. His company sells its remote-access VPNs to government agencies and other organizations. A total of 24 federal, state and local agencies have equipped themselves with NCP's technology for fast, secure access to their network resources and communication of sensitive data. The company has U.S. offices in Mountain View, California.

  1. You've been at NCP in one capacity or other since September 2011, and you ultimately moved on to become CEO, the Americas, NCP engineering about a year ago. What does your role as CEO, the Americas, entail?
    NCP engineering is a fast-growing remote access software vendor. To meet the needs of our customers, it's critical that we understand global market trends and ever-changing requirements related to communication and security solutions. Because the key vendors in our space are located in North America, my role is to identify who fits best with NCP's overall strategy and seek opportunities to jointly address new challenges, such as security solutions for classic remote access, Internet of Things (IoT), connected cars and machine-to-machine (M2M).
  2. What specific hard and soft skills do you need to successfully perform your work responsibilities?
    I've worked for software security vendors for more than 20 years and have acquired fundamental IT security know-how, both on the technical and sales sides. To successfully engage with our global customer and partner base, as well as with our own international employees, it is very important to understand the different mentalities and how to approach them accordingly.
  3. While you currently work in California as CEO, the Americas, you've previously worked in Germany while still under the NCP corporate umbrella. Are there any differences you've noticed between the two countries in terms of how IT professional go about their work?
    Working with customers in the U.S. is less challenging, simply because they are open to trying new solutions – even from vendors that are not well known. U.S. customers definitely make faster decisions, whereas the German mentality requires a very intense and detailed investigation process, and everything new is viewed with skepticism.
  4. What about customers--are clients in either of the two countries more or less in tune with cybersecurity issues than the other?
    I can definitely say that NCP's German and European customers have much higher expectations of security solutions, and are even more sensitive to the country of origin that a solution comes from.
  5. On your LinkedIn profile, you mention that your 20 years of experience include IT skills in secure remote access solutions. What advice would you give to a business looking to roll out a secure remote access solution enterprise-wide?
    The solution must be based on standards to provide flexible interfaces that allow for ease of integration in existing infrastructures. Cross-client platform support, central management capabilities and a rich set of security features are also important decision factors. Lastly, I strongly advocate investing ample time in a proof of concept (POC) that includes a large number of users to ensure that you're choosing the most suitable solution for your organization.
  6. What common pitfalls should businesses avoid if they want to successfully deploy a secure remote access system?
    Businesses must have clearly defined user base requirements, as well as confirmation of which devices and operating systems are being used. They should focus on knowing what kind of data needs to be secured and the authentication methods that allow their data to be safe. Lastly, the selected solution must be scalable to grow with the customer's needs to avoid future issues that may come up.
  7. Since starting up in 1986, NCP engineering has focused on delivering software that enables companies to rethink their remote access. But what is it exactly about what your company provides that differentiates it from all the rival solutions out there?
    In the very beginning, NCP was delivering hardware solutions, but now – and since the early 2000s – it has migrated to become a software security vendor. NCP's solutions are universal and fully compatible with all VPN gateways in the market, and all VPN clients in the market are fully compatible with our VPN gateway. NCP listens to the customer base, and solutions have continuously been developed and enhanced based on customer requests and ideas. And, most importantly, NCP's solution combines a full set of networking capabilities along with maximum, security features.
  8. How can companies work out the return on investment for buying remote access solutions? What things do they need to factor into the equation?
    Implementing a remote access solution means administrators are going to have to support mobile users who are rarely on site. This requires a reliable solution, to keep the helpdesk costs down, and one that provides central management capability.
  9. How does a company know whether or not remote access tools are something they should even be considering?
    If companies have mobile users that are required to exchange sensitive data while on the road or from a remote office, a secure remote access solution is imperative.
  10. With cybersecurity being a hot-button topic these days, do you have any advice for businesses that want to develop a corporate culture that includes cybersecurity best practices?
    A business can invest a lot of money in cybersecurity protection, but one of the most — if not the most — important factors is educating the user base on best practices applied to data security.
Infosec
Infosec