Feeds

HyTrust trousers $13m from VMware and CIA sugar daddy In-Q-Tel

Snowden breach 'a huge wakeup call' for virty security

Next gen security for virtualised datacentres

Business is booming at HyTrust, a maker of policy management and access control software for VMware virtual infrastructure, and whistleblower system admin Edward Snowden, who revealed the National Security Agency's web-spying PRISM project, is doing his inadvertent part to pump it up even further.

"The Snowden breach at the NSA has been a huge wakeup call," Eric Chiu, founder and president of HyTrust, tells El Reg. "Admins have always had access to resources, but in a virtual environment, it is even worse. Admins of virtual infrastructure can copy whole virtual machines. And now customers are shifting from an outside-in security environment to an inside-out model. You have to assume that somebody bad is already in your environment and figure out what you can do to monitor them."

HyTrust has been saying that IT shops should adopt a second approval rule for a lot of things that go on inside the data center for the past year, and the Snowden episode just makes this necessity all that more clear (at least, from the point of view of companies and governments).

The HyTrust virtual compliance appliance, which runs inside of an ESXi virtual machine and can monitor all changes to the hypervisor, its virtual machines, and their software stacks, hooks into LDAP or Active Directory for authentication and supports two-factor authentication with SecurID or smart cards. The HyTrust appliance becomes the "system of record" that snoops on all attempted changes in the virtual infrastructure, as well as approving changes that meet policies.

Funded and ready to expand

At the moment, the HyTrust appliance is restricted to VMware's ESXi hypervisor and its vCenter management console, but Chiu says thanks to $13m that the company just raised in Series C financing, HyTrust can expand out beyond the VMware stack to other hypervisors and cloud controllers used inside corporate and government data centers, as well as the same or similar software layers used on public clouds.

Chiu is not being specific about what other hypervisors or public clouds HyTrust will support next, but he says the company will be able to lock down at least one or two additional platforms this year, with others to follow.

It is ironic that VMware would help fund such moves. But by kicking in some dough, VMware not only keeps HyTrust engaged with its vSphere and vCloud stacks, but also gets insight into the company's future plans and has an inside track on a potential future acquisition.

In-Q-Tel, the venture capital arm of the US Central Intelligence Agency, was also one of the big investors in this third round. Epic Ventures and Trident Capital (which did the company's $5.5m first round) and Cisco Systems and Granite Ventures (which participated in the $10.5m second round) also kicked in dough during the third round.

The In-Q-Tel investment, says Chiu, will help HyTrust enhance its product in ways that help the intelligence community and also benefit both government and corporate customers. At the moment, HyTrust has close to a hundred customers, says Chiu – mostly Fortune 1000–class firms and large governments. He estimates that it has "in the millions of virtual machines under protection at this point."

Chiu says that revenues at HyTrust are expected to triple or quadruple this year, and one of the drivers is that companies want to move from maybe having 50 to 60 per cent of their workloads virtualized to something closer to 80 to 90 per cent. "What is really standing in the way is security for mission-critical workloads and their data," says Chiu, and of course, HyTrust thinks it has just the thing to solve that problem.

The third round of financing is usually a bit early to go public, but it is probably not too early for someone like VMware or Microsoft or Red Hat to swoop in and acquire a company like HyTrust. And that could happen. Chiu says he is working on scaling the HyTrust business right now and might entertain the idea of going public a few years down the road. ®

5 things you didn’t know about cloud backup

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Docker kicks KVM's butt in IBM tests
Big Blue finds containers are speedy, but may not have much room to improve
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Gartner's Special Report: Should you believe the hype?
Enough hot air to carry a balloon to the Moon
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Dell The Man shrieks: 'We've got a Bitcoin order, we've got a Bitcoin order'
$50k of PowerEdge servers? That'll be 85 coins in digi-dosh
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.