While PC Security Leaders Snooze on Mobile, Two Startups Get VC Funding

By Whitney Phaneuf , written on August 23, 2012

From The News Desk

Two companies focused on securing enterprise data within employee's device applications closed funding rounds today: Mocana raised a $25 million Series D led by new investor Trident Capital and MobileSpaces closed a $3 million Series A from Accel Partners.

If you're working for a startup, you probably abuse the same devices for work and pleasure. If you work for a company big enough to have an IT department, you likely use some corporate-owned devices. In either case, company data will end up on your personal devices, and vice versa. It's this web of professional and personal information, lumped into a trend called BYOD (Bring Your Own Device), that's left IT departments wondering how to implement appropriate security policies. In many cases, startups are beating incumbent PC security players to come up with answers.

"The enterprise customers got ahead of the vendors," says former head of mobility at McAfee David Goldschlag, the co-founder of MobileSpaces. "BYOD and apps is what's steering the ship. The question is how do you secure your data? Managing just the device doesn’t prevent data leakage."

Still in its pilot program with four "brand name" customers, MobileSpaces isolates the apps that require IT policies from ones like Angry Birds. IT departments add the MobileSpaces app to any device, whether it's owned by an employer and employee, and can control the apps that need to be managed by IT and ignore the ones with personal data. Packaged with it is a cloud-based service that pushes updates only to apps with enterprise data.

Already well established and funded, Mocana built its business by offering remote security management on devices from MRI machines to smart grid meters. When it comes to employee mobile devices, CEO Adrian Turner agrees with Goldschlag that it's less about the device itself and more about securing its applications. Where they disagree is part in approach, part in philosophy.

"We assume the phone is hostile, then build a wall around any applications the enterprise cares about. Users have an implicit trust with devices and that trust isn’t deserving," says Turner.

Mocana aims to give IT complete control over a device's apps. An app must first be approved to be on an employee device. Then Mocana adds a layer of security policies, designated by a lock symbol on the app. From there, IT can establish rules such as what apps are allowed to be connected to the network, where apps can pull data from the device and who can access to the app's data.

"The only way to solve BYOD is to take every application, regardless of whether it is internal or external, and effectively give it the same wrap," says Turner.

Turner says Mocana plans to use the funding to further develop products for mobile apps and BYOD, and expand corporate offices internationally. Plans for an IPO are also in the works. Turner doesn't think the PC security players will catch up in time to pose a threat.

"You’d think they’d be well placed, but they’re really not. We don’t think they’re innovating well. A large company is going to look at security through the lens that they’ve been looking at it," says Turner. "We started with a clean slate, thinking, what’s different about these devices."