While there is no shortage of startups addressing cloud security, most of them focus on securing cloud infrastructure, said Nat Kausik, founder and CEO of Bitglass. In contrast, his Campbell, Calif.-based company provides a secure proxy for data traveling between corporate networks and popular software-as-a-service (SaaS) applications like Salesforce.

"The bulk of enterprises do not rent space on Amazon's cloud, but they do use SaaS," said Kausik, explaining his decision to focus on what he sees as a much larger market.  While providers like Salesforce secure their own infrastructures, "once the data leaves Salesforce, it is your problem and not theirs," he said.

Bitglass' security-as-a-service protects data at several key points: while it is in the cloud, upon access and on mobile devices. Employees at companies using Bitglass are automatically redirected to Bitglass when they access Salesforce, Office 365 or other SaaS apps. They are then authenticated via existing identity management infrastructure. Bitglass employs SAML, as well as Active Directory synchronization, for a single sign-on into cloud apps.

Companies can create rules and security policies based on criteria including application, group, device type and geographic location. In addition, Bitglass provides an audit log of every transaction and looks for suspicious activity such as a single user logging in simultaneously from two locations. Companies can also choose to block some data, for instance concealing Social Security numbers in spreadsheets.

"We watermark every piece of data that comes through so it can be tracked," Kausik said. "This is not a hindrance to users, but they are being watched."

Kausik said his company's solutions are especially popular with customers in vertical industries that must comply with strict regulatory requirements and/or share sensitive intellectual property. For instance, he said, many health care providers were violating HIPAA because of security limitations associated with mobile device management (MDM) products. 

"Every medical professional wants email on their mobile device but prior to us the only solution for mobile security was MDM," he said. "Most doctors belong to more than one health care institution, so whose MDM would they install?"

Room to Grow

Founded just last year with four employees, Bitglass now has a staff of 40. It raised $25 million in a Series B round of funding in August, bringing its total funding to $35 million. Kausik said Bitglass was in no hurry to spend the capital and would probably allot much of it for product development.

Kausik previously led two security startups: Fineground Networks, which Cisco purchased in 2005, and Arcot, which CA Technologies bought in 2010. While he would not rule out selling Bitglass at some point, Kausik said he ultimately expects to take the company public.

BitglasslogoProviders of traditional security software do not have a SaaS while those that take an appliance-based approach to security "think of software as something you give away for free," Kausik said, meaning there is ample room in the market for security-as-a-service providers like Bitglass.

He predicts an adoption curve similar to the one that occurred with SaaS apps like Salesforce. Though Salesforce faced initial resistance and was pigeonholed as primarily a solution for smaller companies, their solutions proved so popular with users that Salesforce began taking market share from on-premise software providers like Oracle, SAP and Microsoft, all of which now have cloud solutions of their own.

Quick Facts about Bitglass

Founded: 2013

Founder: Nat Kausik

HQ: Campbell, Calif.

Product Category: Cloud security

Employees: 40

Funding: $35 million, with investors including Norwest Venture Partners, New Enterprise Associates and SingTel innov8.

Ann All is the editor of Enterprise Apps Today and eSecurity Planet. She has covered business and technology for more than a decade, writing about everything from business intelligence to virtualization.

Images provided courtesy of Shutterstock