Security startups Egress and SafeMashups make their debut

Two startups, Egress Software Technologies and SafeMashups, each make their debut today with security products that have a crypto-tech edge to make data flowing across the Internet safer.

Egress , a London-based firm with U.S.-based headquarters in Chicago, introduced Switch, client encryption software and a service that lets users encrypt sensitive information in a file to be sent or on media that includes CDs and USB sticks. The recipient of this encrypted data must also be using the Windows-based Switch client software to decrypt it.

[ Frustrated by your PC support? You're not alone. Get answers from Christina Tynan-Wood in InfoWorld's Gripe Line blog and newsletter. ]

Although encryption software is hardly new, Egress believes its special touch is the cloud-based service for it which lets senders exert policy control over the encrypted data, removing the right that recipients were once given to decrypt.

"When the information owner creates an encrypted file, a signal is sent up to the cloud service that says there's now an encrypted file with a list of intended recipients," says Bob Egner, the U.S. president of Egress. But if the sender no longer wants the recipient to be able to decrypt encrypted data, that permission can be removed via the cloud service.

The first version of Switch is out now, and priced at $9.49 per month for individual users while annual subscriptions for business begin at $34 per year.

Also up at bat today is startup SafeMashups, a firm founded by Ravi Ganesan, its CEO, with backing from the University of Texas at San Antonio's technology incubator program housed at its Institute for Cyber Security.

Ganesan, a cryptography expert academically associated with the university, explains that SafeMashups is essentially a protocol for providing a level of trust in code, such as that written in Ajax, when different code from varying sources is combined on the fly over the Web in "mashups."

"The MashSSL is a protocol for a Web application to talk to another Web application through a browser," says Ganesan.

Using MashSSL in application code -- SafeMashups is making a free Web toolkit available online today with demos showing how it would work -- a far higher level of trust in combining code from various sources in Web mashups could be achieved, he says.

The parallel, Ganesan says, is how SSL years ago made transmission of credit-cards across the Internet more secure. "There's a pent-up demand for this in mashups," says Ganesan.

But he also acknowledges that the MashSSL trust-assurance process won't work until it's supported by digital-certificate providers.

While wide support from certificate providers is not yet publicly announced, VeriSign is one certificate vendor with certificates that will support MashSSL, Ganesan says. And at this point, Safemashups envisions a business model based on application developers licensing its technology for commercial use.

Network World is an InfoWorld affiliate