Inside private equity firm Blackstone, employees view financial data using Watchdox, rather than email or physical printouts. Image: Watchdox
In the age of cloud computing, companies like Google and Dropbox want to liberate your data. They give you the power to access your digital files from anywhere — via laptop, smartphone, or tablet, whether you’re dealing with personal stuff or corporate info.
Watchdox wants to feed this same revolution, but even more so than Google and Dropbox, it also wants to ensure that all those files don’t fall into the wrong hands. The Israeli company brings a healthy dose of military-grade security to the loosey-goosey world of mobile devices and cloud computing. Given all the recent press over the vulnerability of our digital data, including this weekend’s piece on NSA spying from der Spiegel, the startup’s timing couldn’t be better.
Watchdox has been preparing for this moment for five years. It launched in 2008 with backing from Shlomo Kramer, the founder of firewall pioneer Check Point Software and, apparently, a veteran of Israeli electronic espionage operation Unit 8200. Originally known as Confidela, the company maintained an air of secrecy until the announcement of its flagship product in 2009. Sales of Watchdox commenced a year later.
The idea behind Watchdox is that it’s no longer enough to lock down your corporate network against hackers. In an era of web apps and pervasive internet sharing, data itself must be locked down too.
“If you just secure the box that the information sits in, it’s going to be downloaded, and as soon as you take it onto an unmanaged mobile device and open it in another app, [the security] is gone,” says Ryan Kalember, Watchdox’s chief product officer. “Nobody really wanted to buy a firewall, but everybody wanted to connect to the internet, and the firewall made that safe to do. Because we protect at the level of the data, it makes Dropbox, mobility, and that collaboration experience safe to do.”
Watchdox works not just by encrypting data, but by making encryption and decryption as convenient as possible and by layering on additional means of security. On desktop and laptop computers, Watchdox streamlines the encryption process by hooking into programming interfaces provided by the likes of Microsoft and Adobe for certain types of files, such as Word documents or PDFs. Such interfaces more smoothly manage encryption keys and the process of unlocking certain documents. In cases where this isn’t feasible — on iPads, for instance, or with documents that aren’t viewed through Microsoft or Adobe software — Watchdox offers its own app for viewing, editing, and annotating documents.
On top of encryption, Watchdox can monitor document access, showing when and from where a particular file has been opened. It also offers watermarking, so that even if someone takes a picture of a screen showing a protected document, there is some way of knowing where it came from. For the truly paranoid, Watchdox offers a “spotlight” mode, where only a small portion of a document is shown on the screen at any one time.
Yes, there are ways of thwarting some of Watchdox’s non-encryption security tools. For example, a dedicated data thief could simply film the viewing of a “spotlight” protected document and create a composite image using bits from each frame. But many of Watchdox’s tools are intended simply to make it more painful to steal or leak information, not to make it impossible. In places like Hollywood, where Watchdox says it has signed up a majority of the large studios, simply making data theft more difficult can have a big impact.
Watchdox says it has also signed up most of the leading private equity companies (Blackstone among them) and most of the largest insurance companies. The tool has also found success among companies with long supply chains, since such outfits are typically worked with a large number of manufacturing partners located in countries with weak intellectual property protection. Nike, for example, uses Watchdox to share product designs and manufacturing instructions — “everything you would need to counterfeit a product,” Kalember says.
Not only does Watchdox help prevent leaks through manufacturing partners, it can also help with quality control — an unexpected side benefit. To wit, the tool can report whenever manufacturing instructions are accessed. “It turns out,” says Kalember, “you can do a really good job telling how well someone will make shoes based on how often someone is looking at the instructions.”
Despite mounting customer wins, including a slew of seven-figure enterprise deals this year, Watchdox remains unprofitable. But it is clearing somewhere north of $10 million in annual revenue — Kalember will only say “eight figures” — and he claims that the company is “not very far from being a profitable business.”
Watchdox, which has raised $36 million to date from venture capitalists, makes its money by selling server software and optional cloud services to large companies who want to encrypt their data. It gives the viewer away for free. The mobile viewer was only completed this year, according to Kalember, which helps explain why growth has been so strong in recent months.
Even as Watchdox nears profitability, competitors like Dropbox and Box are trying to angle in on its business. Given their large base of customers, and given Dropbox’s popularity among non-business users, both are formidable foes. But neither has experience with Watchdox-level security. Dropbox stores files unencrypted even as it ramps up other security tools, and Box is providing certain Watchdox-like tools via partnerships.
“A lot of them are finally getting around to bolting this security capability on,” Kalember says of competitors like Dropbox. In other words, they didn’t do it like Watchdox. They didn’t build for security from the get-go.