Guardians Of The Network
Photo Credit :
The information highway, or the network, has been for many the hope of humanity in sharing knowledge. Yet the digital world, like the real world, is prone to focused attacks because some groups believe that information, when in the hands of large corporations, is not democratic. There are large gates or forts in the IT world that differentiate between those civilized and those that are not. Today large IT security companies like Symantec, RSA, McAfee and Norton are building these forts for Fortune 2000 enterprises and they secure data centres and networks for these corporations. But with the world of devices and applications converging on small enterprises, there needs to be an overhaul in the way IT security is looked at, both in terms of cost and its reach.
Enter AppKnox, a quirky startup from Bangalore, whose business model is as unique as the individuals who run it. Incubated at Microsoft Ventures, their motto is to ready enterprises for the next wave of IT security, which is about being agile and proactive during the deployment of mobile applications. Three engineers, or the musketeers, Prateek Panda, Subho Halder and Harshit Agarwal have got together to tell the world that they need not build standard fences; instead they ask them to take the fight to the hackers by understanding security at the code's scripting level. "Security is the last piece which software developers think about, it is a procedure for them and therefore several applications out there, on all mobile operating systems, are vulnerable," says Subho Halder, co-founder at AppKnox.
They met at a college in Orissa, seven years ago, and were looking at software programming through a different lens. For them every program could be broken into and reprogrammed to fit their commands. Their search for breaking code took them deeper into the dark world of the black hats, these were the wizards and sorceresses of the computer world or just plain people, who break into computing programs to steal information or to help organisations secure their applications. It’s a good thing that these guys have seen the dark side and are now out there to "serve and protect" the world.
However, their learnings were not treated with fondness. Like all things unconventional, they were shunned by many. Once employed, after college, the curiosity to tell their organisations that their applications could be broken into led them to trouble. Their organisation put the brakes on them and the boys were pulled up for pointing out mistakes. They were hitting at the sanctity of the organisation, or more so the chief technology officer's ego. In fact, an IT services company, where Subho worked, threatened to sack him and warned him not to ever dabble with such things. "It's sad that a good intention is always hushed up because the company does not have good IT security policies and wants to cover it up," Halder says. Nevertheless, these experiences made them stronger since the business or market numbers proved that they could become entrepreneurs.
Organisations spend $71 billion on enterprise information security. By 2020 the number could go up to $100 billion. Gartner predicts that this year alone enterprises would spend $6 billion for cloud based applications. With Gartner predicting that the world will have 50 billion devices being connected, protecting the information highway is going to be like the American movie Tron. For those who have not seen the movie, human beings enter the computer world to fight corrupt computer programs trying to extend their dominance in the physical world.
The genesis of AppKnox in 2014 began with an intention to help software developers focus on security before they release their app. All that the user has to do is to send the binary of the app on AppKnox's website. Voila! The AppKnox "engine" will tell you about the flaws in the scripting code, the source code and the machine code. Their business model is based on software-as-a-service and will also consult with companies in making their IT security stronger for their mobile play. Their service will benefit a whole host of small companies that cannot afford proprietary security software. They have raised pre-seed money of $19700 from a Singapore-based incubator called JFDI Asia and are well on their way to raising angel money.
But why do these market or industry numbers make sense? For that we need to go back to 1985 when the world's first virus was created, by two Pakistani software entrepreneurs, on a floppy disk. They created the software to corrupt information stored in computers. But the virus had to physically move from Pakistan to the USA through a 5 inch floppy disc to corrupt computers. From there on it brought down several university computers. It made those Pakistani engineers, Basit and Amjad Farooqi, world famous. Today information is sent over the network and the highway is open to information bandits. There are millions of viruses that sit in the network to destroy or steal information everyday. Therefore, the need to have more folks patrolling on the "civilized" side.
The business for AppKnox will depend on its ability to sign up more customers. For this, it needs money, but finding it can prove hard for an IT security startup. There is a reason for that because the Indian market is still not concerned about network or mobile security. Earlier an innovative Bangalore-based startup called RedForce Labs, which pioneered protection - from hackers - of online money transfers, could not succeed because banks were not convinced of the hardware-oriented business model. The banks cited that the startup included, in their business model, payment for an external USB device that would infuse protection during money transfers. However, the idea was pure genius because any software can be broken into and the startup made an effort to protect information through a security code infusion from a plugged in external device.
AppKnox seems to be the next extension. And their best bet is to scale up to survive.