Micro Segmentation for Data in Use
Cyber security is trying to stay one step ahead of cyber criminals. The one constant is that all perimeter security systems will be compromised. Hackers riding in on customer accounts will penetrate. Others will fall to insider threats. But, in the end, all perimeter security is vulnerable.
When a company’s data is at rest, in a database, it is encrypted and thus perfectly safe. Even the FBI could not crack an iPhone that was encrypted in a reasonable time.
When data is moving through a VPN, it can also be encrypted. But when the data is in use, particularly through “collaborative applications” like Google Docs, Dropbox or the host of portals from health care and financial firms, the data is completely vulnerable.
A bad actor can ride in on a customer account and create “lateral intrusion” taking account information across the entire database.
An Austin, Texas startup built a patented solution that stops this kind of attack in its tracks. It is the equivalent of protecting banks, not by stopping robbers with guns, but making sure that when the robber comes into a bank, they can only steal a dollar. All that work for one dollar.
Different way to solve the problem and a solution that is likely to become the new paradigm over the next several years.
This startup wisely chose not to go the VC route for its early financing. First, if it had done so, with no major customers in place, there would have been a low valuation and high dilution.
And it would have become the victim of “preferences,” those small print things that convert entrepreneurs into low level employees around the B or C round.
They chose to “find the customer looking for you.”
This startup, with no offices, working out of the faculty lounge at a major Texas university, worked to find a large corporation that had a unique need: very high security, offered as a service, to differentiate its cloud offerings.
After some beta work and a 3-month pilot, the Fortune 100 company adopted the micro segmentation security product and is taking it into its top few customers.
Now this startup is at the decision maker level, with zero cost of sales, demonstrating its offering to a customer with a huge security need.
Should it ever need to take in VC money, it will do so at point where it has a group of luminary customers, paying full license fees, with Chief Information Security Officers touting the uniqueness of the technology, with a sales force of 1,000 reps (none of whom are on its payroll), cash flow positive—-
This is the better way.