FortyCloud claims its new security-as-a-service product will help companies hosting their networking in a public cloud add a layer of protection on top of their virtual infrastructure.
While many companies use services provided by public-cloud providers like Rackspace and Amazon because of their flexibility and pricing, hosting their networking out in the public can raise concerns about security. It’s more likely that a hacker can wreak havoc in the public cloud rather than a private cloud, according to Amit Cohen, FortyCloud’s co-founder and CEO.
With FortyCloud’s offering, Cohen said that a customer can get “private-cloud-level of security over a public-cloud platform.”
FortyCloud’s product highlights the ever-growing need of security services to be updated to handle the cloud. The firm’s offering is essentially a modern version of a firewall for the cloud era; it also includes optional encryption services and software agents that can be installed on cloud servers.
Using custom gateways that can be loaded up in the backend of a company’s virtual infrastructure, any information passed along into the cloud or even between cloud servers can be monitored by the user. With the ability to observe the networking infrastructure, a firm can set up cloud-based firewalls, VPN access to certain servers, and even block people from accessing certain servers.
A potential customer can dictate its security policies, and FortyCloud will translate those policies to function across all public-cloud platforms. “You define the policy and we enforce them,” said Cohen.
So far, Cohen said that FortyCloud’s services have not caused any significant networking performance problems for its current customers, although if at some point there are networking issues, the customer can contact a cloud provider like Amazon and ask for a bigger machine to handle the load.
While there are plenty of security companies out there, Cohen said that no firm offers the all-in-one approach of FortyCloud. For instance, when asked about CloudPassage, whose security platform also uses software agents that can scan virtual environments and set up configurations, Cohen said that CloudPassage does not offer the networking gateways used for authentication purposes that his company offers.
FortyCloud plans to target potential clients in the advertising technology sector, bioinformatics industry, and healthcare and financial services providers.
The latter two industries operate under strict federal regulations, Cohen said, and because of that they are mandated to ensure that they adhere to federal standards of information security.
The three-year-old company, which counts 15 employees, is based in Tel Aviv with an office in Mansfield, Mass. It completed its first round of funding in 2012, but has not yet disclosed the amount.
Given numerous security breaches and data theft over the past year — from Adobe to ebay to Target — the pressure is on all companies, especially those in heavily regulated industries like those targeted by FortyCloud to do a better job protecting data no matter where it resides. Thus, a flock of new-age security and security-as-a-service providers like this one are coming to the fore.