Provilla plugs enterprise data leaks

Data leaks were a big problem even before DuPont employee Gary Min made off with thousands of proprietary documents from his longtime employer, and before hackers infiltrated the network of TJX Co. and began siphoning out customer financial information. Those two events, however, have helped to put corporate data leaks on the front pages, and made the technology of startups like Provilla gotta-have products.

Founded in early 2005, Mountain View, Calif.-based Provilla introduced its first products in Jan. 2007. The company is hoping to cash in on the rising tide of data security concerns driven by the proliferation of laptops, PDAs, and smartphones within enterprise organizations.

LeakProof, the company's product, is a data-leak protection tool that helps customers identify and track the flow of sensitive information to prevent accidents, misuse, or attacks.

LeakProof targets data leaks in everything from e-mail to USB drives, to laptop and handheld devices. Provilla's "secret sauce" is its endpoint-based software agent, and the product's ability to match various types of data with company security and compliance policies in near instantaneous fashion, according Antonio J. Espinosa, the company's chief executive.

"We've been looking at ways to get into the space of information management for two years and saw DLP as the first big opportunity; there is so much innovation taking place with data being transferred between so many mobile devices," Espinosa says.

Today's the company's products cover a wide array of networking gear and PCs, with plans to add smartphone leak protection applications in the coming years.

Thus far the startup employs roughly 20 workers, has landed ten direct customers, and signed on several much larger OEM partners.

In March, the company announced a deal to provide its software to customers of systems management firm BigFix. In April, the company announced a similar deal to source its software to Reconnex, a network security provider.

Espinosa sees the market for DLP addressing enterprises’ need for devices that make fast decisions about whether to block data transfers, rather than using the more network-based information protection applications and devices marketed by Provilla's numerous DLP rivals.

The arrival of smartphones and other multifunction handheld devices in enterprises will accentuate that trend, Espinosa says.

"DLP is all about considering how information gets leaked and enforcing policies at the endpoint, and this trend will only be heightened by the growing array of handheld devices that workers will carry in the future," Espinosa says. "If you understand the fabric of how information flows, there's a lot of analysis that you can do to help business understand how they need to react to the ways that people are using their information."