'Information Leak' Prevention Vendor Looks To Build Channel

Palo Alto, Calif.-based PortAuthority develops software and appliances to prevent what its calls "information leaks." It detects when certain data is made available outside a company's protected data infrastructure and takes measures to prevent access by unauthorized users.

DiBiase started at PortAuthority this week with a mandate in part to ramp up the company's channel business and recruit new solution providers. The vendor is targeting high-end security partners first, and it's also starting to work with storage solution providers, he said.

As part of the recruitment drive, DiBiase is working on an opportunity registration system. "We want to reward partners who bring in new business," he said.

PortAuthority currently has about 20 U.S. solution providers, about 12 of which are active, according to CEO Peter Foley. DiBiase said he is looking to initially recruit 20 to 30 new partners and drop some of the inactive partners.

Although PortAuthority is about three years old, the company relaunched in June 2005 with new venture capital funding and shifted its focus from software to appliances that stop the distribution of confidential information, Foley said. He estimated the market to be worth about $1.9 billion by 2009, based on IDC predictions.

"Other security companies focus on keeping bad guys out. We focus on keeping the good stuff in," Foley said.

Such technology is especially important given today's news headlines about data leaks and the huge fines companies are paying as a result, Foley noted. "A lot of legal legislation is going up around privacy," he said. "Social security numbers and credit card numbers are the biggest leaks. We're also seeing a lot of confidential data leaks, such as CAD drawings and customer lists."

PortAuthority's appliances sit on the network and initially spend time "learning" which customer data is at risk and the policies governing that data, Foley said. The devices monitor all communications--including TCP, FTP and instant messaging--and if they find data leaking outside the company, they will will audit, block, quarantine or encrypt that data.

While several security and storage vendors recently have merged , including EMC's $2.1 billion acquisition of RSA earlier this month and Symantec's $13 billion acquisition of Veritas Software, Foley said he doesn't plan PortAuthority to become an acquisition target.

"We're keeping our heads low," he said. "Our only exit strategy is to be the best in this category. This is a growing market. There's room for a stand-alone company."