By Ariel Blum
BYOD may sound like a party invitation, but it stands for “Bring Your Own Device” and it’s a growing trend in corporations worldwide. With employees increasingly unwilling to part with their personal iPhones, iPads and other mobile gadgets, bosses are begrudgingly allowing them to hook up to the company’s network.
However, there’s a danger in this practice that Israeli startup Skycure seeks to solve.
You see, when you connect your mobile device to the Wi-Fi at the local Starbucks, that network may not be as secure or encrypted as the one at work. A hacker sitting just a table away could be hopping onto your device as you check your email or browse for last night’s sports scores. Then, when you plug back in at the office, it’s off to the races.
Think it’s not so likely? Skycure co-founders Yair Amit and Adi Sharabani hijacked the phones and tablets of participants at the September 2012 DevCon conference in Tel Aviv to show just how easy it really is. The poor participants saw their screens swipe without their control; emails written without permission; apps opened and photos changed.
“Everyone knows that hackers can alter your data and steal your personality,” says Amit, CTO for Skycure. “But what’s less known is that this is a great way to penetrate the corporate network as well.”
The answer, according to Amit, is the creation of a “mobile firewall” that does for phones and tablets what the long-established firewalls have for years provided to protect corporations’ computer assets.
“Firewall” is an imprecise term, Amit insists. A “hybrid security” system might be more accurate, in that there are components on both the phone and on the company’s network to block intruders.
If you’re thinking at this point, “I want one of those,” you’re slightly out of luck. Skycure will be selling its technology to enterprises only.
Solid funding
Skycure is financially well positioned to press its case: The company raised $3 million from the Israeli VC Pitango months ahead of the product’s release in early 2013.
“We’re in the process of developing the product, recruiting the best people and enjoying every minute,” says Amit.
The company currently has six employees and is growing to 10 with the new financing. Amit and Sharabani have self-funded the company until now, in part from their successful exits from Watchfire, another security startup, which was bought by IBM in 2007.
Skycure is in discussion with potential clients – Amit says he’s not naming names, although he reveals that most are in the financial services area. Pricing is still under discussion. The service might charge a one-time fee or sell a monthly license.
Skycure’s Yair Amit, left, and Adi Sharabani
Computer security is big business – Norton and McAfee are well-known names with huge resources. What’s to stop them from entering the same market where Skycure is now building its expertise? The same question could be asked about any startup going up against the big guns, Amit counters. But Israel has the security chops to hold its own. Let’s not forget Check Point, the still-reigning dean of the security titans.
“Yes, it’s challenging to enter markets like the US and Europe,” Amit admits. “But in the field of security, when we knock on the door, there is recognition that Israel’s technology expertise is valuable.”
Worked with LinkedIn
Skycure received a lot of attention earlier this year when its founders “exposed” a practice at LinkedIn that was putting users’ data at risk. The goal was benign – LinkedIn was uploading its members’ calendar data from their mobile phones to LinkedIn’s servers in order to share meeting information and synchronize schedules.
But LinkedIn was doing it without asking for the user’s permission. With millions of users of its mobile apps, the story shot across the blogosphere.
“We worked with LinkedIn to improve the way their app behaved,” Amit says. Today, users have full control over what gets shared.
Amit, 29, has been interested in security for as long as he can remember.
“I’ll look at a line into an entrance to somewhere and I’ll analyze the process, to see how I can sneak in,” he says. He pauses. “I don’t actually do such things – it’s just the way my mind works!” he emphasizes.
Fortunately for the rest of us, it’s exactly that kind of thinking that’s needed to keep the hackers at bay while we’re surfing the web and ordering our chai lattes over lunch.