Startup Spotlight: FortyCloud's Multi-layered Cloud Security


Is Tel Aviv giving Silicon Valley a run for its money as a development ground for tech startups? It would appear so. In the past year, IBM purchased Israeli security specialist Trusteer and Google snagged navigational software provider Waze.

As venture capitalist Andrew Yoav wrote on Re/code, the country's Israel Defense Forces "arguably provides the world's best education for tech engineers and entrepreneurs," with IDF graduates less hampered by education debt than many of their American counterparts and thus more willing to take financial risks.

Whether or not an acquisition is a part of their exit strategy, establishing a U.S. office is a key step for Israeli startups looking to attract American customers. One of the latest companies to do so is cloud security company FortyCloud, which CEO Amit Cohen said focuses on helping companies secure data in the public cloud.

FortyCloudLogoFounded in late 2011 by Cohen, CTO Amir Naftali and Chief Architect Noam Singer, all of whom worked for large corporations, the company set up an office in the Boston area shortly after receiving an unspecified amount of seed funding from Israeli venture capital firm Magma Venture Partners in 2013.

Public Cloud Focus

FortyCloud has assembled the components necessary for securing data in the public cloud, including firewall, encryption and access control technologies, and combined them into a single solution, which is now generally available after a year in beta.

"Everything is already integrated. Companies can work with the solution regardless of their expertise," Cohen explained. "It's networking, security and automation -- together and delivered as a service."

The software "can be overlaid on any infrastructure," he added, including those comprised of multiple internal and external data centers. It works on seven different public clouds, including Amazon AWS, Rackspace and Google.

FortyCloud focuses on the public cloud because "for many companies, private cloud is not flexible enough and is too expensive," Cohen said. "We deliver private cloud levels of security over public cloud infrastructure, and at a public cloud price point."

The company targets two key customers, Cohen said: small companies with few if any in-house IT security resources that want a packaged solution; and bigger companies with IT security staffs that are challenged by cloud deployments "so large and dynamic that they cannot do security manually."

The latter group "need[s] a solution to interconnect all their deployments on different infrastructures," he said. "They need to comply with regulations like HIPAA, and no cloud provider offers a full suite of compliance infrastructure. The alternative is a private cloud or an on-site network."

Cohen said FortyCloud's earliest customers include companies in regulation-intensive industries like financial services and health care, companies with dispersed data centers in multiple geographies, and advertising and analytics companies, both of which are heavy users of Amazon's AWS cloud.

While many companies currently use a single cloud provider that may have multiple data centers in different geographies, a growing trend as the cloud industry matures is for companies to contract with multiple cloud providers and create "complex, multi-infrastructure deployments," Cohen said. "There were not many alternatives to Amazon at first, but now you have IBM SoftLayer, Google and others."

Regardless of the underlying infrastructure, FortyCloud "abstracts the security layer," he said.

Cloud Security Market

It's a good time to be a cloud security provider, he said. "Cloud security is such a hot topic that no VC will turn you down for a meeting."

From an adoption perspective, Cohen believes most companies using public cloud today are newer companies that are accustomed to consuming services "so it's natural to consume security as a service." At the same time, larger enterprises are beginning to move to the public cloud – albeit at a slow pace.

"We think the timing is right. There is a big volume of new companies we can serve, and we are maturing as the big guys start to move," he said.

Quick Facts about FortyCloud

Founded: late 2011

Co-founders: Amit Cohen, Amir Naftali and Noam Singer

Offices: Israel and, in the U.S., the Boston area

Funding: Seed round from Israeli VC firm Magma Venture Partners

Product Category: Cloud security

Employees: 15

Customers: About 30

Ann All is the editor of Enterprise Apps Today and eSecurity Planet. She has covered business and technology for more than a decade, writing about everything from business intelligence to virtualization.