Data loss prevention (DLP) has emerged as a foundational strategy for businesses looking to prevent workers from inadvertently (or advertently) sharing sensitive data outside the confines of the company network. At its core, DLP is about solving the “people problem” — humans are often at the center of security lapses, whether it’s through sharing a confidential document with outsiders or pasting database access tokens into a public GitHub repository.
Recent history is littered with high-profile data breaches, leading to all manner of reputational, regulatory, and financial penalties that can be difficult to recover from. And it’s against that backdrop that Virginia-based startup Phalanx is setting out to help, with a lightweight DLP and document-mapping platform that automatically monitors and secures sensitive documents across the likes of Office 365, Google Workspaces, and local machines.
Presenting onstage today as part of the Startup Battlefield at TechCrunch Disrupt, CEO Ian Garrett showcased Phalanx’s technology and laid out the company’s mission at a time when companies might prefer a more “human-friendly” solution to stop their data seeping into the public domain. TechCrunch caught up with Garrett ahead of time for a product demo and to get the lowdown on the scale of the problem as he sees it.
The story so far
Founded in 2021, Arlington-based Techstars alum Phalanx was initially focused on securing AI systems using data, model validation and vulnerability scanning, using work from Garrett’s PhD. However, he says that it was a little ahead of the curve, and companies (and investors) were concerned with more pressing threats.
“When we went out for market validation, what we found across the board was that everyone thought that [what we were doing] was important, and that they would definitely pay for it — but only when enough people were being hit using that attack vector,” Garrett said. “So they were pretty much like ‘thanks, but no thanks.’”
But their work up to that point was not in vain, as they had substantively been concerned with protecting datasets, leading them down a path to help companies protect their unstructured data stored in documents. And so following a late-2021 pivot, the company’s MUZE (Monitoring Unstructured data with Zero trust Encryption) platform was born, enabling companies to easily encrypt and decrypt files’ track file-related behavior, with Phalanx taking care of the underlying process automatically.
“Phalanx specifically focuses on data security, and within that unstructured data — mostly documents and files,” Garrett said. “Unstructured data is especially hard to protect and manage compared to structured data, such as that stored in databases.”
Unstructured data is so difficult to protect because it isn’t easy for organizations to even know that sensitive data exists within emails or documents, let alone who has access to those documents. And this data is easily spread across locations (physical and digital) with little footprint to show for it.
According to data from Gartner, unstructured data constitutes as much as 90% of new data generated in the enterprise, which gives an idea as to the size of the problem businesses face.
Under the hood
Phalanx allows security teams to stipulate how data and documents are stored — for example, automatically encrypting every file on a two-hour basis, or which file types or directories should be protected.
Companies can also set expiration dates on shared files so that users don’t accidentally keep dozens of confidential documents stored on their laptop, and they can control the “who and how” of file downloads.
At an individual level, users can be given control over their encryption and decryption endeavors, with a right-click enabling them to access Phalanx and choose to manually encrypt a file and send it to any third party.
They can choose to allow a file to be accessed just the one time, allow anyone with the link to access the file, require email verification, and more.
There are two broad categories of users who will engage with Phalanx: the security teams in charge of deploying Phalanx and the end user (i.e., employee) who will interact with its features on a daily basis.
On the security team’s side, they have access to Phalanx’s endpoint software, which can be deployed by downloading it from Phalanx’s website, with support for documents stored locally or in the cloud, the latter of which requires a browser extension.
In addition to the endpoint software, Phalanx also serves up a centralized dashboard through the browser where security teams can view and manage everything, including users and cloud connections, and access data analysis. Indeed, the company debuted an all-new version of the dashboard at TC Disrupt today, where it showcased new data-mapping and data inventory smarts that reveal how many files there are, how many are encrypted, and across how many devices.
State of play
Phalanx has entered a space that includes well-resourced incumbents such as Netskope, which hit a $7.5 billion valuation two years ago, and Proofpoint, which private equity giant Thoma Bravo took private in a $12.3 billion deal around the same time. According to Garrett, though, most of the traditional DLP tools out there are geared toward enterprise-size organizations and are substantively rules-based, which means that companies have to predict how each user in the organization will interact with data in their possession using historical patterns.
On top of that, rule and policy-based configuration requires significant technical expertise that even some of the largest organizations struggle with. Phalanx, on the other hand, is designed for same-day deployment.
“Existing DLP is difficult for security teams to deploy and manage, as well as being difficult for end users (e.g., employees) to deal with,” Garrett said. “This impacts productivity and causes human-related security issues. Document visibility is a black box, so security teams try to retrofit legacy DLP to fix the issue.”
In truth, existing DLP solutions adopt various approaches to keeping company data secure. This may involve applying rules and policies to network traffic, for example, or trying to prevent data movement beyond a defined perimeter. This could be something like “don’t let user X from department Y download file Z,” or maybe trying to stop users from moving data from a local environment to a USB stick.
Instead, Phalanx focuses on tethering user identities to files, meaning that the security “follows the file itself,” giving customers analytics based on file access.
For now, SMBs are the core target market for Phalanx, though longer term it has its eyes on the enterprise segment too. That said, Garrett reckons that bigger companies could certainly find use for Phalanx right now, perhaps where a company is already using several DLP platforms and they need a very specific solution for a subdivision where their existing DLP just isn’t providing what they need.
“Our single biggest differentiator is that we are a proactive solution, whereas traditional DLP is reactive,” Garrett said. “It’s corny, but we put the ‘prevention’ in ‘data loss prevention.’ Traditional DLP aims to catch data as it’s leaving its perimeter, while we protect it in place so no matter what happens to it, it will be secure.”