 from downtown San Francisco. It's theCUBE, covering RSA North America 2018. Hey, welcome back everybody. Jeff Frick from theCUBE. We're on the floor at the RSA Conference 2018. 40,000 plus people packed in Moscone, north, south, west, and we're excited to be here. It's a crazy conference, security's top of mind, obviously, and everybody's aware of this. And our next guest, he's Bill Mann, Chief Product Officer from Citrify. Bill, great to see you. Great to see you. So you guys have a lot of stuff going on, but I think what's interesting to me is you guys have this kind of no trust as your starting foundation. Don't trust anybody, anything, any device. How do you work from there? Why is that the strategy? Well, that strategy is really because we've got a really new environment now, a new environment where we have to appreciate that the bad actors are already within our environment. And if you start believing that bad actors are already in your environment, you have to start changing the way you think about security. So it's a really different way of thinking about security. So what we call this new way of thinking about security is zero trust security. And you might have heard this from Google, with BeyondCorp, and so forth. And with that as the overarching kind of way we're thinking about security, we're focusing on something called next-gen access. So how do you give people access to applications and services where they're remote, they're not on the network, they're not behind the firewall, because who cares about the firewall anymore because it's not secure. So there's four tenets of next-gen access. One is verify the user, verify the device that they're coming from, so they're not coming from a compromised device, then give them limited access to what they're trying to access or what we call limit privilege and access. And the last one is learn and adapt, which is this kind of pragmatic viewpoint which is we're never going to get security right day one. To learn and adapt on what we're doing, look at auditing logs and session logs to change your policy and adapt to get a better environment. So are you doing that every time they access the system as they go from app to app? I mean, how granular is it where you're consistently checking all these factors? We're always checking the factor. We're using actually machine learning to check what's happening in the environment. And that machine learning is able to give that user a better experience when they're logging in. Let's say Bill's logging into Salesforce.com from the same location, from the same laptop all the time. Let's not get in the way, right? But if Bill the IT worker is going from a different location and logging to a different server, that's prompting for another factor of authentication because you want to make sure that this is really built because fundamentally you don't trust anybody in the network. And that's really what you guys call this next-gen access. That's right, that's right, that's right. It's not just, I got a VPN, you trust my VPN, I got my machine, those days are a long, long path. Well VPNs, no no to VPNs as well, right? We do not trust VPNs either. So a big topic ever since the election, right, has been kind of people infiltrating the election, influencing how people think. And you guys are trying to do some proactive stuff that you've announced here today for the 2018 election to try to minimize that. Tell us a little bit more about it. Yeah, we call it secure devote. And if the audience has looked at the recent 60 minutes episode that came on, that did a really good, that walked everybody through what was really happening with the elections, the way the Russians really got onto the servers that are storing our databases for the registration systems and change data and created chaos in the environment. But the fundamental problem was compromised credentials. I mean, 80% of all breaches, believe it or not, are doing compromised credentials. They're not around all the things that we think are the problem. So what we're doing here with secure devote is giving our technology to state and local governments for eight months for free. Essentially they can then upgrade their systems, right? So they can secure the vote. So fundamentally securing who has access to what and why and when. And if you look at the people who are working on election boards, they're volunteers, they're a lot of temporary staff and so forth. So you can just imagine how the bad guys get into the environment. Now we've got a lot of experience on this. We sell to the state and local governments. So we've seen our technology being used in these kind of environments. So we're really making sure that we can do our part in terms of securing the election by providing our technology for free for eight months so election boards can use our technology to secure the vote. So how hard is it though for them to put it in for temporary kind of situation like that? Have you made it pretty easy for them to put it in if they're not an existing customer? Absolutely. I mean, one of the things, one of the fallacies around this whole next gen access space is the fact that it's complicated. It's all SaaS based. It's easy to use. And it's all in bite sized chunks, right? So some customers can focus on the MFA aspects, right? Some customers can focus on making sure that privileged users who have access to the databases are limiting their access, right? So there's aspects of this that you can implement based upon where you want to be able to, what problem you want to be able to solve. But we do provide a very pragmatic, best practices way of implementing zero trust. So we're really providing that zero trust platform for the election boards. All right, well, that's great work Bill and certainly appreciated by everybody. We don't want crazy stuff going on in the elections. Absolutely. So we'll have to leave it there. We'll catch up back in the office. It's a little chaotic here. So thanks for taking a few minutes. Thank you very much. All right, he's Bill Mann. I'm Jeff Rick. You're watching theCUBE from RSAC 2018. Thanks for watching.