Businesses racing faster and faster to put their data and applications into multiple cloud services will soon have to figure out how to keep an eye on it all. Start thinking about the hundreds of users, the dozens of accounts, and the handful of different cloud services that don’t always speak the same language, and the job of monitoring and securing it all quickly gets complicated.
This is the problem that Brendan Hannigan and Sandy Bird are attacking with their New York-based company Sonrai Security, which announced itself to the world today with an $18.5 million Series A funding round led by two Boston-based venture capital firms, Polaris Partners and TenEleven Ventures. The New Brunswick Innovation Foundation also contributed to the round.
The two cybersecurity entrepreneurs, who led Waltham, MA-based Q1 Labs until it was bought by IBM (NYSE: IBM) in 2011, see the business world soon ditching the traditional data center for mass adoption of multiple cloud services — and no good way to monitor the data once it’s there. (Sonrai is the Gaelic word for “data” and is pronounced like SUN-ree.)
“In this new world, there is new complexity,” Hannigan says. “Many companies have multiple cloud providers by necessity. Some companies will have hundreds of Amazon Web Services accounts and a similar number of Microsoft Azure subscriptions.”
Businesses’ widespread transition to cloud services and storage was highlighted late last year with IBM’s $34 billion deal to buy open-source software maker Red Hat (NYSE: RHT), which develops tools to build and manage infrastructure and applications for IT operations in the cloud.
Hannigan, who took over as general manager of IBM Security after Q1 Labs was bought, says the idea for the new company came up in conversation with Bird, who became IBM Security’s chief technology officer after the Q1 deal. The idea focused on how companies were rapidly moving data and operations onto the cloud. Hannigan cited a “Death of the Data Center” prediction from business forecasting firm Gartner that expects 80 percent of companies will shut off their traditional on-site
“The first thing we did was we said there is this momentous change that is happening,” Hannigan says. “It’s a fundamental change in how applications are built, how they run, and how they are deployed.”
What’s clear, Hannigan argues, is that the old data-center approach to security that focuses on “perimeter security and firewalls” won’t work with data roaming about multiple cloud services accessed by many different user accounts.
And the change calls for a new strategy for monitoring and securing data.
Instead of building walls around the perimeters of a data center, Sonrai ’s system is built on identifying each bit of data and every user that has access. The product sits on top of what could be hundreds of different cloud accounts to track the data and users. From there, it can start to send alerts when users’ patterns change, or the cloud account is compromised by an external attack. The system also translates all the varied terms and systems of Amazon Web Services, Microsoft Azure, and other cloud services, so users can make a single request for information about data or a user, and it’s fulfilled across the different services.
It’s unclear how Sonrai’s control platform differs from others that work across multiple cloud services. VMware (NYSE: VMW) and Cisco (NYSE: CSCO) offer hybrid cloud monitoring systems with security components, as do a crop of startups that seem to be developing competing tools, including Canadian firm Embotics, San Francisco-based Scalr, and Santa Barbara, CA-based Right Scale.
The newly launched company has a lot of work ahead of it, Hannigan says, with plans to develop machine learning tools to give users better intelligence about their data on the cloud.
Polaris Partners’ Dave Barrett and TenEleven Ventures’ Alex Doll are joining the Sonrai board. Hannigan was most recently an entrepreneur partner with Polaris.
Brian Dowling is a Senior Editor at Xconomy, based in Boston. You can reach him at