Photo: Carl M via Flickr
Last year, Andreessen Horowitz gave seed funding to a startup called CipherCloud.CipherCloud provides a layer of security between enterprise users and cloud applications like Gmail, Amazon Web Services, and Salesforce.com.
Also, despite encrypting the data as it travels from user to cloud, CipherCloud is able to keep it sortable and searchable.
Andreessen Horowitz (aka A16z) invested in CipherCloud because of two simple reasons:
- Cloud applications are increasingly popular.
- The only thing holding back enterprises from adopting them is security fears.
So A16z gave CipherCloud enough money to get started.
Then, less than a year later, CipherCloud came back to A16z and asked for more.
In the interim, it had hired 120 people, gained 40 clients, and still had all its seed funding in the bank.
CipherCloud CEO Pravin Kothari asked for millions of dollars to expand sales, marketing, and develop a few new products.
This morning, A16z announced that it’s given him $30 million.
Seems like a no-brainer from here.
Cloud applications are hugely popular. Security is the main reason enterprises are nervous about adopting them. CipherCloud and Kothari may not win the space, but in a year, it’s certainly shown that it’s worth betting on.
A16z partner John Jack, who led the deal and will join CipherCloud’s board, wrote a blog post about it.
Here you go:
Why Didn’t I Do This?
By John M. Jack, board partner, Andreessen Horowitz
Is there any question in today’s economic environment that enterprises of all sizes continue to search for solutions that fit the “better, cheaper” mantra? Cloud, as we know, meets the criteria and offers other tremendous benefits to such enterprises. However, there has been a consistent theme causing resistance to the adoption of cloud applications—security. Companies are subject to regulatory requirements and internal policies that prevent them from using these applications despite the benefits. European data protection laws, the recent guidance from the UK Information Commissioner’s Office (ICO), and the U.S. Patriot Act introduce another layer of complexity to decision making on using cloud applications. Finally, vendors of cloud applications do not want to give up the benefits they reap from the shared architecture to satisfy a subset of companies.
Enter a unique approach invented by CipherCloud.
CipherCloud encryption software resides within a customer’s network to secure sensitive cloud application data in real-time, while retaining all the native functionality of the application. The information that is encrypted is determined by the customer including, for example, sensitive fields in a database, text of email messages, documents attached to email messages or perhaps only data items occurring in messages that have a certain specific format such as social security and credit card numbers.
CipherCloud also manages the encryption keys for the customer. These keys never leave the customer’s site and are not shared with the cloud provider. This ensures that the data stored in the cloud application by the cloud provider is completely undecipherable to anyone who accesses those servers—whether it be one of the provider’s employees performing a legitimate sys administration task, or a malicious insider like a Bradley Manning seeking to leak information, or an outside attacker who has somehow gained access to the system, or even the U.S. government knocking on the cloud provider’s door with a copy of the Patriot Act in
Additionally, CipherCloud’s solution extends to the most commonly used cloud
applications and technologies:
- Google Gmail
- Microsoft Office 365
- Database Gateway
- Amazon Web Services
- Connect AnyApp
The CipherCloud Connect AnyApp offering enables customers to connect to any number of other cloud applications including third party and homegrown applications in the private cloud. For example, an enterprise interested in using CipherCloud to encrypt data in their SAP SuccessFactors HR cloud application can do so with AnyApp.
Today we at a16z are announcing a significant investment in CipherCloud and the team. We are very excited to work with Founder and CEO Pravin Kothari on introducing this solution to security in the cloud. Pravin has accomplished amazing things as the CEO in his first couple years, including hiring 130 employees and maintaining the same cash balance in the bank he had at his seed round (in which we participated).
Pravin was a co-founder at ArcSight, which went on to become the market leader by all measures in the SIEM security segment. His early work positioned the products in the company to achieve this success. He has a world-class team surrounding him at CipherCloud that we believe will only make the company accelerate its success.
There is much more to like about CipherCloud: 1.2+ million users, 100+ million customer records protected, 40+ customers installed, 10 industries represented and eight countries—a global presence in only two years.
In 2009, when I was CEO of Fortify Software (later sold to HP), my team and I had an innovation meeting. The Fortify founder, the VP of Products and I were in this meeting and discussing an idea around encrypting the data between the user and their cloud applications. Our belief was this would broaden our offerings in application security. After discussing the idea in depth, our conclusion: too hard! CipherCloud figured it out!
I can’t wait to work with Pravin and his team to build this exciting company!