Digital Guardian

History

The company was founded in 2003 under the name Verdasys. From the start, its flagship product was Digital Guardian, a data-centric security platform monitoring and encrypting all proprietary or sensitive information passing through a desktop, laptop, or enterprise server.

In 2008, Verdasys launched SiteTrust, an encryption software service for banks, brokerages, and other big companies that served customers over the Internet and were legally liable for losses from online fraud. Its client-side software package turned on whenever the user visited a website protected by the SiteTrust service and spawned a new instance of the user’s Web browser, shutting out malware and creating a secure space around all communications with the protected site.

An agreement between Verdasys and Fidelis Security Systems (now Fidelis Cybersecurity) in 2010 enabled customers to acquire and implement an integrated solution consisting of Fidelis XPS network appliances and Digital Guardian enterprise information protection in a single offering from Verdasys.

In early 2012, Verdasys expanded its data leak prevention portfolio to the cloud to help enterprises protect their data stored on its networks and reduce costs. When one of its customers, a large insurance company, requested Verdasys to take over the job of monitoring and protecting the data, Verdasys introduced two new offerings: Managed Service for Information Protection (MSIP) and Information Protection as a Service (IPaaS), offering data protection as a managed service. The Digital Guardian platform completed EAL2+ evaluation under the Communications Security Establishment's Common Criteria Evaluation and Certification Scheme in December 2012.

Verdasys introduced a data connector in 2013 that contained malware threats detected by FireEye's platform. Before Verdasys' connector, the malware had to be handled manually. In December, Gartner's Magic Quadrant placed Digital Guardian among the five leaders of the global data loss prevention market.

Ken Levine, previously a McAfee executive, joined the company as CEO in 2014 and focused on simplifying its product. In March, Verdasys raised $12 million in a venture funding, bringing the company's total raised capital to $69 million. The funding round was led by existing investors GE Pension Trust and Fairhaven Capital, with a new, individual investment from Brookline Venture Partners.

2014 was also a year of several major partnerships and acquisitions. In March, Identity Finder LLC partnered with Verdasys, bringing its Sensitive Data Manager, capable of automatically finding, classifying and securing sensitive information. In August, Verdasys changed its name to Digital Guardian and increased its staff to 150. At the time, its security software had been installed on about two million servers, laptops or other devices.

In October, the company acquired Armor5, a provider of cloud control solutions focusing specifically on preventing employees who bring their own mobile device to work from copying and removing company files or data.

In May 2015, the company acquired Savant Protection, enabling IT organizations to deploy a unique agent for whitelisting the applications that can be used on any particular endpoint. When Blue Coat Systems launched the Alliance Ecosystem of Endpoint Detection and Response in July 2015, Digital Guardian was among the alliance-founding members. The ecosystem allows sharing of actionable intelligence gathered from endpoint security solutions. Also in July, IT consulting firm Atos and Digital Guardian partnered up to deliver Atos’ cloud-based data loss prevention service.

In October, the company bought Code Green Networks, based in Silicon Valley, which contributed its True DLP gear. The acquisition of Code Green Networks provided Digital Guardian with network, discovery, and cloud data loss prevention.

The company added 100 customers in 2015, bringing the total count to nearly 500, including General Electric and DuPont. At the end of the year, Digital Guardian announced $66 million in new funding, the firm’s largest round since it was founded. Returning investors in the round were GE Pension Trust (advised by GE Asset Management), Fairhaven Capital Partners, Loring Wolcott & Coolidge, Special Situation Funds and Brookline Venture Partners. New investors were LLR Partners, Mass Mutual Ventures (the corporate venture capital arm of Massachusetts Mutual Life Insurance Company) and the venture unit of Siemens Financial Services. The company raised $135 million since its founding.

In January 2016, Gartner's Magic Quadrant for Enterprise Data Loss Prevention placed Digital Guardian among the four leaders of the global data loss prevention market for the fourth consecutive time. BostInno included Digital Guardian among 16 Boston tech firms to watch in 2016. The company was placed 148th on the list of top 500 cybersecurity firms in the world, released by Cybersecurity Ventures in 2015.

Products and services

A data loss prevention software platform, Digital Guardian integrates content, context and location awareness along with encryption and data level controls to reduce the risk of information loss or misuse, and purposeful data theft. Its host-based security technology empowers organizations to monitor, control, audit and prevent data from wrongful disclosure or malicious theft, while automatically enforcing data security policies and procedures. This scalable platform provides multiple, independent layers of protection to enable secure data sharing across physical, virtual, mobile and cloud environments.

The architecture of the platform has three parts:

Digital Guardian allows businesses to host and manage on premise or choose managed security programs. When deployed as a managed service, Digital Guardian does not collect the actual data itself. Rather, it aggregates the metadata about the files and documents and watches for patterns of activity. Metadata is encrypted, hashed and digitally signed before being transferred to Digital Guardian's hosting facilities via FIPS 140-2 certified messaging protocol. Digital Guardian then provides updated analytics, alerts and reports. Administrators can continuously monitor data, application and system access and usage, whether end users are online, offline or in virtual environments. Organizations can apply specific risk-based policy controls to adhere to data governance and compliance rules.

For example, the health service organization Cigna uses Digital Guardian software to monitor all ports and encrypt data transfers. When employees try to transfer files to a USB flash drive, they are prompted to type in the reasons for the transfer. The data they actually transferred is compared to those reasons.

Digital Guardian also provides support for the ShareFile file sharing and storage systems, extending data loss prevention capabilities to organizations that support virtual desktops.