Rethinking Data Security in a Cloud-based World


With a Bachelor of Mathematics and Computer Science, a Masters degree in Computer Science and a PhD in Computer Science and Math (specifically Cryptography), it's a bit of an understatement that Cedric Jeannot, CEO of I Think Security likes solving problems. And he's pointed his company at solving one of the thorniest problems facing our economy today — cybersecurity.

After finishing his PhD at the University of Louisville in Kentucky, Cedric opted to choose an entrepreneurial path, founding I Think Security Ltd. to commercialize technology based on his doctoral research. "I developed my dissertation on securing corporate documents — and through my research, I discovered there is a massive gap in this specific field of security. Cybercrime is an incredibly complex problem to solve, and it's growing at an exponential rate. Yet most large businesses today continue to run on security technology and infrastructure built 20 years ago. Organizations need to keep up, and there's much need for improvement and innovation in this space. I knew we could make a difference."

Jeannot goes on to explain why traditional approaches to security no longer work in a world governed by the cloud and by mobile technologies. "For the last two decades, securing the enterprise meant keeping information inside the company / keeping attackers out. Efforts were focused on constructing firewalls to contain the infrastructure and corporate data. Policies were developed to prevent people within the enterprise from doing certain things, such as bringing their cell phone to work. But all of those security methods went out the window with the emergence of the cloud and the proliferation of powerful mobile devices. The firewall/containment approach no longer works, because staff members are now working on airplanes, or in coffee shops, and your corporate data is sitting in the cloud. Companies have had to change their entire way of thinking about data security."

I Think Security has helped to pioneer this new thinking, by encouraging its customers to shift their focus away from securing the infrastructure toward securing the data itself. The concept is new to many enterprises, but is gaining traction. "Our way of solving the problem of data security is very different and new for many of our customers. We're helping them understand it's not about containing the data inside the firewall. It's not about worrying where the data lives. It's about securing the data itself, so regardless of its location, you are always secure."

I Think Security has built a platform as a service solution that takes care of data security in any form and injects something (think of a virus but a good one— urges Jeannot) into documents to make the documents secure wherever they may travel. So if you are in China, and you try to open a document, you can't because the intelligence in the document will prevent you from opening it.

"We have determined a way to make the document clever enough, so security policy can actually live within the document itself," says Jeannot. "Then our platform monitors and tracks activity around the document."

The applications for I Think Security's data security platform are limitless and exist across many industries, however the company, a start-up that has only recently graduated from the Waterloo Accelerator Centre, has opted to establish early market traction through a go to market strategy that specifically targets the financial services sector in New York. Jeannot points to the wealth management sector as an example use case of the I Think Security technology in action. "Wealth managers within a bank need to collect information in document from their clients. Knowing that those documents are secure, and can be securely exchanged helps build client confidence and trust in the bank and in the wealth advisor, and in turn, they end up investing more. So while there are many compelling reasons to secure documents, our financial services clients are telling us that improved document and data security is not only helping them reduce risk, but also increase revenue.

Constant innovation is the hallmark of a start-up, and I Think Security has no shortage of opportunity to problem-solve in the security space. "The opportunity is only getting larger and larger as people and companies become more aware of the risks associated with cyber," says Jeannot. For its latest venture, I Think Security has kicked off a Kickstarter campaign to help fund development of an application of their technology for Dropbox. "We have a lot of people coming to us saying they are already using Dropbox for cloud file storage, and we recognize we are not going to displace that technology. So we have developed a product that piggybacks off that infrastructure. It is the first product to secure a document within Dropbox so a Dropbox employee can't see it; secures the copy of the document that sits on your computer; and enables secure sharing of that document. Our approach adds value to the Dropbox solution, as it adds a new level of security, provides a better customer experience, and yet is completely invisible to the end user. Depending on the success of the Kickstarter program Jeannot hopes to soon extend the solution to other cloud storage solutions such as Box, GoogleDocs, and Microsoft Skydrive.

The problems presented by data security are so immense; it is often difficult for the average consumer to fathom the potential harm that can be done. But as awareness grows among consumers and corporations, so does I Think Security's business opportunity.

"Just recently, it was reported that malicious cyber activity costs the US economy as much as $100 billion dollars a year — massive economic impact — yet in the case of most cyber theft, whether financial or IP is that it is invisible to the average individual," Jeannot explains. "You don't see it, and you don't realize the damage until it is far too late."