|By Xenia von Wedel||
|April 19, 2014 11:00 AM EDT||
Thanks for taking the time to answer my questions. Please tell us, what is Appthority all about and what do you do?
Guerra: Appthority is an app risk management company with a Software-as-a-Service solution that analyzes mobile apps for hidden behaviors that pose privacy and security risks. Our main customers are large organizations and we provide them with the first all-in-one App Risk Management service to uncover the hidden actions of apps and enable enterprises to create custom policies to prevent unwanted app behaviors. Appthority combines the largest global database of analyzed public and private apps with advanced policy management tools to automate control over risky app actions to protect corporate data on company-issued and BYOD mobile phones as employees bring their own apps to work.
With the shift from desktop computing to mobile spurring the rise of the BYOD, BYOApps, and Mobile First movements, people are mixing personal and corporate data on their mobile devices. This has created enormous security and privacy implications. Since 91% of apps lack encryption and 79% can access corporate data, there is obviously the potential for serious problems. Appthority enables organizations to prevent risky apps from entering the workplace while still enabling the workforce to leverage their mobile devices to their maximum potential.
What's new in terms of products?
Guerra: We just announced several key upgrades to the Appthority Service. We've done a lot of market research and IT and security administrators are really interested in being able to construct highly customizable policies. The upgrades to the Appthority Service improve workflow processes in a number of ways: It provides support for multiple app allowance policies simultaneously - by company department, by geography or even by device type - whether company or employee owned. This includes approving and enforcing custom, acceptable use polices at scale, to supporting the creation and implementation of multiple group and role-based policies. An enforcement workflow (do x for y days, then to z for n days, when a specific risky behavior is detected) is now also available. Finally, we've added additional rules and detection for cloud-based file storage violations, which are a big worry for companies trying to protect their IP.
The biggest challenge we face now in winning over new clients is a lack of awareness of the challenge of protecting and securing organizations and their employees from risky mobile app behavior. Most customers are aware of the malware risks on the Android OS, however, some organizations are not aware that there are many other risks beyond malware from a privacy, security and data management perspective that affect iOS and the Android OS.
Who is your target audience and how do you intend to reach them?
Guerra: Our target audiences are Chief Information and Security Officers of Fortune 500 companies who are building mobile risk management policies, as well as IT Administrators responsible for their organization's Mobile Device Management (MDM).
I'd be curious to hear any general thoughts you have on market trends...
Guerra: According to Gartner, by 2015, the number of employees using mobile applications in the workplace will double. More organizations are adopting a Mobile First strategy, to support employees who are using the mobile device as their primary computer more and more. Employees are, on average, downloading 50-200 apps from the millions of apps in the global app ecosystem onto devices that are connecting to the corporate network. The cost and complexity of manually managing app risk policy functions is enormous, so there is a strong need for technology that can mitigate the risks apps bring into the enterprise.
What is the viral aspect of your product?
Guerra: There are millions of apps in the app ecosystem and even more if you consider that each version of an app is a net-new app. Keeping adequate coverage and analysis of all of the apps out there is a huge task. The Appthority Service integrates directly into the top MDMs, which gives us a huge mobile footprint. As a result, any time an employee anywhere in the world downloads a new app or a new version to an existing app, our system gets immediately notified and processes the app for analysis. The viral effect is that when other employees, even if they work at different companies, download that same app, our system will already have the analysis complete and IT administrators can rest easy knowing that our database with over 2 million apps stays relevant and always up-to-date.
What's the business model? How will you make money?
Guerra: Appthority's solution is delivered as Software-as-a-Service. It is subscription-based in which we charge per device / per month.
Who are your competitors?
Guerra: There are other security companies that focus on mobile risk, however most only focus on malware and thus on Android. Other vendors focus only on app vulnerabilities, (programing mistakes), but these are short-sighted approaches, as most of the enterprise risks in mobile apps are from behaviors the developer incorporated into the app by design. Only Appthority was built from the ground up to focus on iOS and Android and analyze apps for total risk with respect to risky security behaviors and risky privacy behaviors as well as malware.
How do you differentiate from your competitors?
Guerra: The Appthority Mobile App Risk Management Service integrates with MDM technology to automatically identify risky behaviors in mobile apps and grant employees access to the apps they can securely use. We are the only service to automate an otherwise manual process to reduce risk and costs so our customers can leverage mobility and empower a smarter, safer and more productive mobile workforce.
How does your technology differentiate from the competition and can you elaborate on the different technology deployed?
Guerra: Appthority is the first and only product available today that acts as a truly actionable and fully automated app risk management service, including app reputation (risky behavior) analysis and policy management in an entirely integrated platform. Appthority's policy management innovation is the next step in the evolution of App Risk Management - from discovering and analyzing risky app behaviors to automated enforcement capabilities.
With Appthority, IT Administrators responsible for their organization's Mobile Device Management (MDM) program are able to know the risky app behaviors present on employees' managed devices within minutes. They can then create custom policies based on their organization's unique risk profile. Using Appthority's analysis, IT administrators can now also take the next step of creating custom and unique app enforcement and remediation policies for all devices under management. This includes generating blacklists and whitelists that auto-populate based on the behavior of new apps entering the environment.
What business or technology could yours disrupt?
Guerra: Many companies today are following one of three models when it comes to mobile security. A number of companies aren't doing anything - they are still hanging onto their Blackberries, but are doing their homework as iOS and Android phones sneak onto the network. Next are the companies using containers, which are seen as essential by really early adopters and big financial firms, but the productivity and usability impact on users is so dramatic that the longevity of this approach is questionable. Finally, there are companies using Mobile Device Management (MDM) solutions, which while it is undoubtedly here to stay, MDMs can't look into the risky behaviors within an app, which is where all the risks lie.
This is where Appthority comes in. By integrating with MDMs and enterprise app stores, Appthority provides companies with the comprehensive solution needed to protect corporate data while allowing employees the freedom to use their smart phones or tablets for work.
Who founded the company, when? What can you tell me about the story of the company's founding?
Guerra: My cofounders Kevin Watkins, Anthony Bettini, and I founded the company in early 2011 to create a safer enterprise mobile environment. Our founding team saw IT's frustration in dealing with CoIT (Consumerization of IT) and the BYOD (Bring Your Own Device) movement, where organizations struggled with the loss of control, visibility and security coverage of some of their most valuable data. Through early interaction with enterprise customers, eager to find a solution to their mobile IT woes, Appthority stepped up to the challenge and envisioned a world where IT could embrace, rather than fear, mobile devices and the many advantages of a mobile workforce. And just like that, Mobile App Risk Management was born. After nearly a year of stealth-mode development, we launched The Appthority Platform at the 2012 RSA Conference Innovation Sandbox where Appthority was named "The Most Innovative Company of RSA Conference 2012."
What is your distribution model? Where to buy your product?
Guerra: Our distribution model is diverse, from direct via our sales organization to VARs, to system integrators to carriers. Our product is available worldwide and available in seven languages, though our focus is on Fortune 500 companies in the U.S. that have deployed an EMM / MDM solution.
What's next on your product roadmap?
Guerra: We will continue to add more customizable features to the Appthority Portal as customers become more sophisticated with their mobile risk management processes. We are seeing a lot of growth from early adopters making their way to other enterprise accounts and it's exciting to offer customization and automation that fits customers' diverse mobile app security needs.
What else would you like to add?
Guerra: As we see apps power the Internet of Things, there are now apps in cars, televisions and refrigerators. Just like with mobile devices, apps are empowering other economies that will thrive and create opportunity for developers as well. However, it is important to learn from the mobile app security issues we've seen to-date and start early with embedded apps as the Internet of Things booms.
Partnerships, collaborations or affiliations: Our most critical technology partners are AirWatch, Apperian, and MobileIron. For the consumer market, we are partnered with carriers like Swisscom.
Federal or state grants, contracts or awards received: Appthority is a current finalist for four industry awards: Global Mobile Awards 2014 Finalist for Best Enterprise Mobile Service; SC Magazine Awards 2014 Finalist for Rookie Security Company of the Year; 2013 SINET 16 Innovator; Tech Trailblazers Finalist 2014 - Mobile.
Market size being pursued: By 2015: Enterprise mobile app development is an $8B/year market and the enterprise mobile device management market (includes MDM, EMM, MAM, Containers, etc.) is a $9B/year market. Appthority plays in both markets.
Is the company profitable? As a privately held company, Appthority does not release revenue information.
Appthority's App Risk Management service automates discovering the hidden behaviors of millions of apps and allowing the apps that employees can securely use. Only Appthority combines the largest global database of millions of analyzed public and enterprise apps with a policy management engine to speed app review and approval and enforce custom, acceptable use polices for thousands of employees within minutes. With unprecedented visibility and control over risky app behaviors, Appthority enables companies to leverage mobility and empower a smarter, safer, mobile workforce. Headquartered in San Francisco, Appthority is venture-backed by U.S. Venture Partners (USVP) and Venrock. More information on Appthority can be found at https://www.appthority.com.
All product and company names herein may be trademarks of their registered owners.
Even though you are running an agile development process, that doesn’t necessarily mean that your performance testing is being conducted in a truly agile way. Saving performance testing for a “final sprint” before release still treats it like a waterfall development step, with all the cost and risk that comes with that. In this post, we will show you how to make load testing happen early and often by putting SLAs on the agile task board.
Sep. 5, 2015 07:00 AM EDT
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
Sep. 5, 2015 07:00 AM EDT Reads: 443
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Sep. 5, 2015 07:00 AM EDT Reads: 516
Manufacturing connected IoT versions of traditional products requires more than multiple deep technology skills. It also requires a shift in mindset, to realize that connected, sensor-enabled “things” act more like services than what we usually think of as products. In his session at @ThingsExpo, David Friedman, CEO and co-founder of Ayla Networks, will discuss how when sensors start generating detailed real-world data about products and how they’re being used, smart manufacturers can use the ...
Sep. 5, 2015 07:00 AM EDT Reads: 118
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, answered that question citing examples, showing how to create opportunities for ...
Sep. 5, 2015 06:45 AM EDT Reads: 550
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding bu...
Sep. 5, 2015 06:30 AM EDT Reads: 1,726
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
Sep. 5, 2015 06:00 AM EDT Reads: 147
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts...
Sep. 5, 2015 06:00 AM EDT Reads: 143
Contrary to mainstream media attention, the multiple possibilities of how consumer IoT will transform our everyday lives aren’t the only angle of this headline-gaining trend. There’s a huge opportunity for “industrial IoT” and “Smart Cities” to impact the world in the same capacity – especially during critical situations. For example, a community water dam that needs to release water can leverage embedded critical communications logic to alert the appropriate individuals, on the right device, as...
Sep. 5, 2015 05:15 AM EDT Reads: 146
In his session at @ThingsExpo, Lee Williams, a producer of the first smartphones and tablets, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. He will explain how M2M controllers work through wirelessly connected remote controls; and specifically delve into a retrofit option that reverse-engineers control codes of existing conventional controller systems so the...
Sep. 5, 2015 05:00 AM EDT Reads: 297
ElasticBox, the agile application delivery manager, announced freely available public boxes for the DevOps community. ElasticBox works with enterprises to help them deploy any application to any cloud. Public boxes are curated reference boxes that represent some of the most popular applications and tools for orchestrating deployments at scale. Boxes are an adaptive way to represent reusable infrastructure as components of code. Boxes contain scripts, variables, and metadata to automate proces...
Sep. 5, 2015 04:30 AM EDT Reads: 156
To assist customers with legacy Windows Server 2003 that is no longer supported by Microsoft, Racemi has introduced fixed price packages for upgrading and migrating Windows Server 2003 servers to either Windows 2008 R2 or Windows 2012 R2 and the choice of Amazon Web Services (AWS) or SoftLayer cloud. "We're extending a lifeline by upgrading the legacy servers to more modern Windows Server platforms while taking advantage of cloud computing," said James Strayer, vice president of product managem...
Sep. 5, 2015 03:30 AM EDT Reads: 120
To support developers and operations professionals in their push to implement DevOps principles for their infrastructure environments, ProfitBricks, a provider of cloud infrastructure, is adding support for DevOps tools Ansible and Chef. Ansible is a platform for configuring and managing data center infrastructure that combines multi-node software deployment, ad hoc task execution, and configuration management, and is used by DevOps professionals as they use its playbooks functionality to autom...
Sep. 5, 2015 03:00 AM EDT Reads: 158
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
Sep. 5, 2015 02:00 AM EDT Reads: 467
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Sep. 5, 2015 01:30 AM EDT Reads: 1,007