Thinking outside the (Drop)box: PKWARE targets enterprise file-share encryption



Similar documents
ncrypted Cloud emerges from stealth mode with free data encryption offering

E-Guide SIX ENTERPRISE CLOUD STORAGE AND FILE-SHARING SERVICES TO CONSIDER

Smartcrypt Encryption Key Management

Introducing Databackup.com Cloud Backup. File Locker File Sharing & Collaboration EndGaurd EndPoint Protection & Device Management

SECURITY OF CLOUD STORAGE AND CLOUD COMPUTING

Accellion raises the bar in secure cloud-based file sharing

Ovum Decision Matrix: Selecting an Enterprise File Sync and Share Product,

Whitepaper. Simple and secure. Business requirements for Enterprise File Sync and Share solutions.

With $8.7m series A funding in the bag, Cirro looks to shore up its federation business

EasiShare Whitepaper - Empowering Your Mobile Workforce

Solve the Dropbox Problem with Enterprise Content Connectors. Whitepaper Solve the Dropbox Problem with Enterprise Content Connectors

Top. Reasons Federal Government Agencies Select kiteworks by Accellion

How To Secure Shareware Kiteworks By Accellion

Cloud Computing for Education Workshop

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

Web Threat Detection 5.0, the second major release under RSA for the former Silver Tail

Proposal. Deployment Guide. How to Use CloudBerry Drive with Oracle Storage Cloud Service

Elastica stretches to capture a wide range of SaaS security features with its CloudSOC

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

Top. Reasons Legal Firms Select kiteworks by Accellion

Secure your data. Wherever it is, Wherever it goes, However it gets there...on all major platforms. For every user.

STRONGER AUTHENTICATION for CA SiteMinder

Information governance is old news at Nuix

Manual for Android 1.5

How To Manage A Privileged Account Management

SOOKASA WHITEPAPER SECURITY SOOKASA.COM

Login Consultants touts lightweight automation tools for desktop and server deployments

BYOD File Sharing Go Private Cloud to Mitigate Data Risks

Mobile device and application management. Speaker Name Date

Protecting Data-at-Rest with SecureZIP for DLP

BYOD File Sharing - Go Private Cloud to Mitigate Data Risks. Whitepaper BYOD File Sharing Go Private Cloud to Mitigate Data Risks

SecureAuth homes in on BYOD management and mobile app access

The Hybrid Cloud Advantage White Paper

Microsoft Enterprise Mobility Suite

Performance Analysis of Client Side Encryption Tools

Internet File Management & HIPAA A Practical Approach towards Responding to the Privacy Regulation of the Act

Protecting Your Data On The Network, Cloud And Virtual Servers

Security and Privacy Considerations for BYOD

Continuum courts MSPs with its backup and disaster-recovery service

Market Trends: Secure File Sharing And Collaboration In The Enterprise, Q1 2014

How To Support Bring Your Own Device (Byod)

11 Best Practices for Mobile Device Management (MDM)

The Challenge of Securing and Managing Data While Meeting Compliance

Managing BitLocker With SafeGuard Enterprise

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Top. Enterprise Reasons to Select kiteworks by Accellion

EMA Radar for Workload Automation (WLA): Q2 2012

Citrix announces 50% YoY revenue growth from cloud partners, Workspace Services

The Benefits of an Integrated Approach to Security in the Cloud

Cloud Backup and Recovery for Endpoint Devices

On the Radar: CipherCloud

Enterprise Content Sharing: A Data Security Checklist. Whitepaper Enterprise Content Sharing: A Data Security Checklist

Nubo Software's UX over IP brings network efficiency to virtual mobile infrastructure

EMA Radar for Application Discovery and Dependency Mapping (ADDM): Q AppEnsure Profile

Contingency Access to Enterprise Encrypted Data

How To Protect Your Data From Harm

Backing up your digital image collection provides it with essential protection.

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

File Sharing: Risk or Remedy?

AppDynamics is making strides with its Mobile Real-User Monitoring offering

Security Architecture Whitepaper

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

Comparing Box and Egnyte. White Paper

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

Zoho weaves more of its own apps together, pulls in threads to third-party software

Advanced Configuration Steps

End-to-End Enterprise Encryption:

How To Grow A Cloud Computing Company

Security Overview Enterprise-Class Secure Mobile File Sharing

SAP White Paper Enterprise Mobility

Synergic Partners: Spanish big-data pioneer

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW

Mac OS X User Manual Version 2.0

Transcription:

Thinking outside the (Drop)box: PKWARE targets enterprise file-share encryption Analyst: Garrett Bekker 6 Jun, 2014 Veteran encryption and file-compression vendor PKWARE entered the market for securing data on popular file-sharing services in 2012 with a consumer-oriented offering (Viivo) that, at the time, was focused mainly on Dropbox. Since we last wrote about the company, PKWARE has introduced a bulked-up version of Viivo that now includes support for enterprise file sync and share (FSS) offerings from Bitcasa, Box, Barracuda's Copy, Google Drive, Microsoft's OneDrive and SugarSync, as well as a variety of device types (Mac, Windows, ios and Android). Viivo 2.5 also includes the ability to search and preview protected files and discover unknown cloud file shares, all intended to help Viivo stand out among a growing crowd of competitors. The 451 Take Viivo has come a long way in the past year, with an enterprise version that includes a variety of new features and one of the broadest coverage models we know of. The recent product enhancements, along with PKWARE's enterprise pedigree, could help ease enterprise concerns regarding the adoption of cloud-based FSS services and the long-term viability of some its freshly minted peers not to mention an attractive cross-selling opportunity. However, while the 'Dropbox problem' remains a thorn in the side of many organizations struggling to come to grips with rogue employee use of cloud-based file-sharing services, enterprise adoption of cloud-based FSS platforms remains tepid, with many organizations clinging to a preference for behind-the-firewall file sharing. Still, Dropbox isn't going away anytime soon, and although Viivo does have the ability to help secure on-premises data, PKWARE is betting that enterprise resistance will gradually soften. Meanwhile, the market Copyright 2014 - The 451 Group 1

remains in flux, and a hybrid product could ultimately emerge as the winning strategy. Context PKWARE has a full suite of file compression and encryption products that span a variety of devices and deployment models, including desktops, mobile devices, servers and mainframes. The company was founded in 1986 by the late Phil Katz, the inventor of PKZIP compression, and the 'PK' of 'PKWARE,' who passed away in 2000 at the age of 37. CEO Miller Newton joined PKWARE in 2009, after serving as CEO of applications and management software vendor Netkey, Lavastorm Analytics, and online jobsite Monster.com (now Monster Worldwide). The company is headquartered in Milwaukee, with offices in New York, London and Ohio, with approximately 70 employees. PKWARE claims to have more than 35,000 customers globally, including more than 200 government entities. Although the company doesn't disclose financial information, we estimate revenue comfortably in the eight-digit range. PKWARE has raised an undisclosed amount of private equity funding from Montreal-based Novacap and Chicago-based Maranon Capital. Products As we have noted in past reports, there is a growing list of companies looking to enable secure sharing, sync, and storage of files and data. The group can be roughly divided into two camps: vendors that are looking to provide a layer of encryption and security on top of public cloud FSS services, like Box and Dropbox, and those that offer a complete platform that is intended to serve as a secure alternative to existing FSS services. PKWARE falls in the former camp, launching its Viivo offering in 2012 as a 'freemium' product providing file encryption for Dropbox users, mainly consumers or 'prosumers.' Like most of its peers, Viivo's core technology is agent-based, and utilizes client-side encryption to encrypt files that are stored on Box, Dropbox, etc. Similar to other FSS encryption providers, Viivo uses a combination of symmetric RSA crypto to secure the files while using asymmetric PKI-based encryption to secure the symmetric keys. Once users have downloaded the software and created an ID and password, they simply place files in their Viivo folder, sync the folder with their FSS provider, and select users with whom to share files on the FSS provider's website each one receives its own unique key. Viivo takes a 'trust no one' approach neither Viivo's nor the FSS provider's servers have access to unencrypted files or keys, leaving customers with full control over their data and the ability to revoke access to files at any time, regardless of their location. Copyright 2014 - The 451 Group 2

Since we last wrote about PKWARE, the company has launched an enterprise version of Viivo and expanded the coverage model beyond Dropbox to include support for Box, Google Drive, Barracuda's Copy, Microsoft's OneDrive, SugarSync and Bitcasa. New features include file name encryption, multi-factor authentication and encryption for ios (Android is expected soon). Other new features include deeper integration with Dropbox for automatic share detection, automatic key management and key exchange for Dropbox shares, as well as deeper integration with Box. Cross-platform support is also a big part of the PKWARE story. In addition to supporting a wide variety of FSS platforms, Viivo plans to support a variety of encryption methods, including PGP and X.509 certificates, and will potentially add the ability to retrieve security artifacts via LDAP or private key storage tools like SafeNet's Luna HSM. Another interesting feature is Viivo's ability to monitor data egress and discover files located in other FSS platforms that enterprise IT admins may have been unaware of. Once Viivo discovers unprotected files in other cloud environments, admins can receive alerts regarding where the data is going and whether it is protected. Viivo also includes dashboard and reporting capabilities that can help pinpoint potential areas of abuse. One of Viivo's interesting features is the ability to preserve the functionality of application features such as search and preview, without affecting existing application workflows, similar in principle to SaaS encryption vendors like CipherCloud, PerspecSys and Vaultive. While the latter utilizes a proxy-gateway approach, Viivo provides users with two folders an encrypted folder within the cloud service provider's environment and an unprotected folder on the local device, which maintains 'persistently decrypted' local copies. Users can perform search, sort and preview on the unprotected local files, which are automatically synced with the encrypted copies on the FSS provider's servers. Of course, this presumes that the local device is in safe hands. While this feature may be convenient, we suspect firms in more restrictive environments may have concerns about lost or stolen laptops, and may opt for additional security measures, such as strong authentication (Viivo has a partnership with Toopher) and MDM, or just disable this feature entirely. It's probably worth keeping in mind, however, that Viivo's primary raison d'être is keeping files safe from the prying eyes of Box, Dropbox, etc., not whole disk encryption PKWARE already has products for that (SecureZIP), and could look to combine some of that functionality with Viivo down the road. In the not uncommon event that a user forgets their password, Viivo utilizes a split-key feature that stores part of the user's private key on Viivo's servers, and a recovery code on any previously authenticated device. As long as the user has access to the original email account and is attempting recovery from a previously authenticated physical device, the password that is used to encrypt the private key can be recovered. And of course, if users can't recover their password, the loss isn't necessarily catastrophic, since users have unencrypted copies on their local devices. Copyright 2014 - The 451 Group 3

Strategy Although Viivo started out with a freemium version targeting the 'prosumer' market, the enterprise market has been a primary focus since the launch of the enterprise version in October 2013. The free version of Viivo is still available for personal files and for sharing files with non-viivo users, as well as on a 14-day trial basis for enterprise customers. The enterprise version of Viivo follows standard per-user-per-month pricing, starting at $9.99. Unlike most of its startup peers, PKWARE is already on the vendor list of its 35,000 enterprise customers across the usual industries of financial services, healthcare and government many of which are potentially ripe targets for cross-selling Viivo as a complement to their existing encryption and compression products. Ultimately, we could see the logic of combining Viivo with PKWARE's SecureZIP Desktop product for Windows file encryption. Competition The FSS market is very competitive, and the race to secure the various flavors of FSS offerings is running rapidly, with new startups entering the fray and existing vendors adding new features and support for a growing list of FSS platforms. As noted above, we segment the field of entrants into two camps: those like PKWARE that provide security layered on top of existing FSS services such as Box or Dropbox (Cloudfogger, Invenia AS [Ensafer], ncrypted Cloud, Sookasa and SafeMonk [SafeNet]), and vendors that are looking to provide a complete enterprise alternative to consumer-oriented FSS platforms with security and file storage combined (Accellion, Covata, Egnyte, Intralinks, WatchDox, onecloud, AdeptCloud [Hightail] and TeamDrive). In the former camp, vendors can be further grouped according to market focus (consumer/smb/enterprise) and coverage models (Box, Dropbox, Google Drive, Microsoft's OneDrive, Barracuda's Copy, Bitcasa, etc.). On the 'prosumer' side, Viivo claims it is most likely to encounter Boxcryptor (Secomba) and Cloudfogger, while it considers its primary enterprise rival to be Sookasa, given a somewhat similar architecture, as well as ncrypted Cloud and SafeMonk. Both ncrypted Cloud and SafeMonk provide encryption for files stored in Dropbox, although ncrypted Cloud recently added support for Google Drive and OneDrive. SafeMonk remains completely focused on Dropbox for the foreseeable future. Content Raven is taking a hybrid approach, with the ability to layer security on top of public FSS services, in addition to providing a complete FSS platform. Given its ability to discover cloud file shares, Viivo is also beginning to overlap somewhat with cloud Copyright 2014 - The 451 Group 4

application control (CAC) vendors such as Adallom, Netskope and Skyhigh Networks, which have the ability to discover cloud applications, as well as SaaS encryption vendors such as CipherCloud and PerspecSys, which have recently announced a discovery component to their offerings in an effort to help enterprises get a better handle on exactly what their employees are doing. While members of the former group are likely to be less direct competitors with Viivo, there is the potential to compete for budget dollars. Logically, providers of cloud file-sharing services could also be viewed as potential competitors, given that the market is highly competitive and the perceived lack of adequate security controls could be a hurdle to greater enterprise adoption. To illustrate, Box has added security features of its own with the recent acquisition of security analytics vendor dloop, to provide granular info on what is happening with files stored within Box, while Dropbox has also beefed up its internal security team. SWOT Analysis Strengths Weaknesses PKWARE has a long history in compression and encryption, which could be a comfort for enterprise customers evaluating alternative providers that are barely out of stealth mode. With support for various FSS providers and encryption flavors, Viivo has one of the broader coverage models of its peer group. The ability to preserve key application features and to discover files in other cloud platforms could help Viivo stand out in a market that is already starting to look fairly homogenous. Opportunities Threats Until recently, the FSS market had been growing at a rapid clip, although the postponement of Box's planed IPO and recent S-1 filing have dampened market enthusiasm somewhat. The ability to cross-sell into PKWARE's customer base could be a key advantage over its less mature peers. The focus on cloud-based FSS platforms could scare some enterprise customers away, although Viivo does have the ability to support on-premises platforms like SharePoint. Like many of its peers, Viivo is agent-based, although many of PKWARE's existing enterprise customers already have PKWARE agents installed, which could help smooth adoption. FSS vendors like Box and Dropbox are bulking up their own security efforts, which could be good enough for some customers, and IT behemoths like Citrix, HP, IBM, Microsoft and Oracle are lurking. Copyright 2014 - The 451 Group 5

Reproduced by permission of The 451 Group; 2014. This report was originally published within 451 Research's Market Insight Service. For additional information on 451 Research or to apply for trial access, go to: www.451research.com Copyright 2014 - The 451 Group 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information