The move to the cloud, accelerated by the pandemic, continues unabated. By 2025 Gartner estimates that more than 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. Part of the motivation is convenience: cloud platforms are accessible everywhere, ideal for remote or hybrid workers. But it’s not all sunshine and rainbows. The cloud also increases exposure to the threat of data breaches.
There is real fear. According to according to a recent Statista survey, data loss and leakage in the public cloud are among the top concerns of companies when it comes to their tech stack. Meanwhile, no less than 93% of organizations Worried about human error causing the inadvertent exposure of their public cloud data.
One of the startups trying to address cloud security challenges is Sentra, which finds data in the cloud, classifies it based on sensitivity and then offers remediation plans for data security teams. Underlining its enthusiasm for cloud security, Sentra today closed a $30 million Series A round led by Standard Investments with participation from Munich Re Ventures, Moore Strategic Ventures, Xerox Ventures, INT3, Bessemer Venture Partners and Zeev Ventures — bringing the total amount to $53 million.
CEO and co-founder Yoav Regev says the new money will be spent on product development and expanding Sentra’s footprint outside of the US, where it is headquartered.
“The promises of flexibility make the cloud one of the most amazing technological advances in recent history. However, this flexibility means that organizations can easily lose control and visibility of their most sensitive information,” Regev told australiabusinessblog.com in an email interview. “Our solution solves this problem by ensuring organizations prioritize protecting this sensitive information while keeping pace with business demand and the speed of data in the cloud.”
After connecting to an organization’s cloud environments, Sentra’s software attempts to find all sensitive data, including personally identifiable information and passwords, and understand who has access to it and how it is used. Using algorithms and contextual data such as access patterns and metadata, Sentra automatically detects when data is duplicated, changed or moved between regions or networks and initiates remedial action if necessary.
Security teams get data access charts that show who has access to what data and exactly how that access was granted.
By default, Sentra also attempts to label data assets that contain proprietary data, including customer data, HR data, and intellectual property. When Sentra detects assets with weak security status (e.g. misconfigurations and compliance violations), Sentra can optionally send alerts or apply built-in data security policies.
“If an organization doesn’t know where its sensitive data is kept and how well that data is protected, it can be easy to envision a scenario where the system is compromised. As a result, they try to protect all data, without paying attention to the level of importance,” said Regev. “In short, not every data breach has to be a showstopper for the business. Knowing and protecting your most sensitive data at all times ensures business continuity in the event of a breach.”
Sentra – co-founded by Regev, Asaf Kochan, Ron Reiter and Yair Cohen, all former members of the Israel Defense Forces elite intelligence unit – primarily targets cloud-native, medium to large organizations with a large amount of data ranging from in the several petabytes. Regev didn’t say how many clients the company currently has, nor any figures on volunteer income. But he said Sentra plans to expand its 40-person workforce by “a few dozen” by the end of the year, indicating some optimism about growth.
Sentra’s challenge will be to compete with startups offering a similar range of services. Securiti, like Sentra, provides a layer of data protection when the data is alive, including governance and access controls. There’s also Dig, which recently raised $37 million for its platform that reviews cloud data and then provides real-time monitoring, and Laminar, which checks for cloud data breaches and tries to fix them.
But Regev isn’t worried. At least not at the moment.
“Since our inception, we have prioritized operational efficiency and have remained focused on growth in a sound, methodical manner that enables us to meet the needs of current customers, as well as our prospects,” said Regev. “Meanwhile, the accelerating shift from data centers to the cloud means that solutions like ours will continue to be in high demand, even in the face of an economic downturn or technology slowdown. Even in times like these, protecting organizational data remains a top priority for business leaders and their customers.”