An Atlanta-based startup called Ionic Security has raised a $9.4 million Series A-1 round to develop its technology that aims to let employees access data on whatever devices and networks they want without fear of having their data stolen along the way. Kleiner Perkins Caufield Byers led the round, with Atlanta’s TechOperators also pitching in.
Ionic’s Fusion product works in part, Kleiner Perkins General Partner Ted Schlein told me, by attacking all three critical aspects of cloud security: data at rest, data in transit and authentication. It encrypts data all along the line until policies are met and it’s actually unencrypted on the device, but for employees the whole process doesn’t seem much different than standard single sign-on.
Notably, it doesn’t require adding a performance bottleneck such as a VPN or security gateway, either. “If you want to try to attack them,” Schlein said, “you have to go after the endpoint itself.”
Ionic’s authentication process is somewhat unique, too, thanks to what it calls the “skeleton key.” Users get one password to access all their corporate applications and cloud services, Schlein explained, but the IT department retains control because it changes the actual credentials and manages all policies on the backend. This way, if an employee quits or is fired, some just needs to delete that skeleton key in order to ensure the employee won’t be logging into those applications again surreptitiously.
Schlein said he’s excited because it’s one of the few approaches to cloud and endpoint security that actually solves the whole problem. The rest tend to “bite off little parts of the security world as it relates to the cloud,” he said, but it will be a nightmare to stitch together so many different products into a single security strategy.