Data security startup DataCloak is using artificial intelligence (AI) and “zero-trust” computing to give companies greater control over their sensitive information to combat internal and external threats.
The backstory: Founded in early 2018 by a former senior director and engineers from search giant Baidu, DataCloak provides solutions to ensure sensitive data remains confidential.
The Shenzhen-based company comprises former Google, Tencent and Baidu employees, with CEO Liu Chao setting up the company alongside co-founders Wu Ye and Yang Yifei.
The company has already raised $5 million and is seeking additional funding despite its recent formation.
Unique selling point: DataCloak wants to allow employees of an enterprise to securely access corporate data wherever they are in the world. They do this by combining multiple technologies that allow for increased control over who can access privileged information.
DataCloak follows the “zero-trust” approach to data security, where users are not trusted purely because they are on a corporate network.
The company achieves this by setting up an isolated and secured workspace within an employee’s computer or smartphone, with only registered devices able to access a corporate network.
While files and clipboard data can flow freely into the workspace, information flowing from within can be controlled and later audited, lowering risks of data leaks.
DataCloak provides secure communication between a device and a corporate network from anywhere in the world, and allows for configurable security levels for every device. This permits a company to choose who can access what data.
The platform also features AI-driven security, which learns a workspace users’ normal behavior to identify abnormalities that could act as an alert for a potential threat.
“We try to protect the owners of data during the whole data lifecycle, from generation to transformation, as well as the data flow. This could be the source code from a software company, it could be users’ private data held by banks, or even invoices or customer lists. We don’t trust based on where you are; we don’t trust you based on our account name; we don’t trust a laptop purely because it’s distributed by your company. We use a ‘don’t trust, always verify’ approach” —Cui Yongxin, chief operating officer of DataCloak
The investors: DataCloak has attracted attention from Matrix Partners China, which led its $5 million Pre-A Series in September 2018. The company is currently finalizing its Series A.
The landscape: China’s cybersecurity industry will reach RMB 63 billion ($8.95 billion) this year, according to figures from the China Academy of Information and Communications Technology. Data leaks are a common occurrence in China despite strict laws to limit the fallout.
Enterprises that do not sufficiently protect their customers’ data can face severe penalties, including having their business licenses revoked.
Numerous high-profile tech companies in China have suffered data breaches. In April, drone maker DJI said an employee leak cost the company RMB 1.1 million. Anime-streaming platform Bilibili has also had its share of problems, with user data shared in a Github repository earlier this year.
In some cases, stolen data has gone for as little as $0.01.
Prospects: China’s 2017 Cybersecurity Law and an upcoming law governing cryptography have forced companies to improve their security.
This has created a growing market for cybersecurity companies looking to help other firms with compliance.
Additionally, as more employees bring their own devices to work, increasingly innovative solutions are needed to make sure corporate data remains safe.
Data brings both wealth and power to those who hold it, increasing the need to ensure that it is kept secure and that access to critical data is controlled.