Recently, stolen Microsoft Office365 credentials compromised the classified information of a large federal entity. The perpetrators scoped out this federal agency for some time before the intrusion, as reported by investigators performing the forensics. While ‘Einstein,’ the Department of Homeland Security’s intrusion detection system that proactively monitors federal and civilian networks, failed to detect the anomaly, the malware used could exfiltrate the data, and CISA (Cybersecurity and Infrastructure Security Agency) is investigating the loss impact.
In the new-normal age, the number of hacks in the United States has increased more than 700% since March of 2020 and exceeds a million attacks just on the remote desktop protocol daily. On the one hand, the enterprises have done a fabulous job of extending access to many employees now working-from-home. On the other hand, these employees are vulnerable and easily victimized – thereby severely impacting the enterprises and potentially compromising the customers and the ecosystem partners.
The ransomware attacks target phishing campaigns on governments, healthcare, financial and industrial companies. To make matters worse, state actors like China (PRC) target hi-tech and COVID-19 research entities. At a Gartner’s Security & Risk Management Summit, held in September 2020, Bran Reed, a senior Gartner analyst, said, “Securing your mobile workforce has now become the single greatest existential imperative.” Bank Info Security implored their readers by titling their report on the topic as,” “Drop Everything and Secure Remote Workforce, Gartner Warns.”
i2Chain is an information security startup based in San Francisco’s Silicon Valley that focuses on securing this digital workspace everywhere. As the name suggests, i2Chain delivers a secure technology stack designed to simplify and secure the enterprise’s two most valuable assets – identity and information.
Ajay Jotwani, Co-founder & CEO of i2Chain, says, “The Pandemic has underscored the vulnerabilities across the spectrum. While most enterprises need a secure way to execute their processes digitally, the smarter entities place their bets on privacy as an added key ingredient for business continuity. ‘Security’ delivers performance, and ‘Privacy’ delivers trust across the ecosystem of networks and domains.”
i2Chain, launched in May 2018, promised to deliver secure and privacy-compliant clouds, folders, and files containing sensitive information either on-prem or on the endpoints. Mr. Jotwani adds, “The i2Chain team is helping highly-regulated enterprises attain their goals of security and privacy in a way that ensures the ‘Chained’ information is not compromised even if the endpoints or networks, or data centers are compromised.”
One of the many cybersecurity challenges is the segregation of securing technology silos – network security, database security, data center security, endpoint security, and others. i2Chain’s mission is to cut through the complexity and secure the information payload, the files, and folders containing sensitive and classified information. i2Chain’s security, once super glued to the information artifact, makes the document secure, hack-proof, phishing-proof even as that information artifact resides in any content store within or outside the enterprise.
Tech Mahindra, a US $5B technology services integrator, leads the initiatives on 5G’s design, deployments, and management. Rajesh Dhuddu, VP & Practice Leader – Blockchain & Cybersecurity, says, “5G’s promise of performance and capacity is a must-have for this new-normal era. Tech Mahindra has integrated its scalable network services with easy to deploy zero-trust information security capability of i2Chain. Together, with i2Chain’s platform, Tech Mahindra is poised to deliver out-of-the-box secure & privacy-compliant business continuity services for remote-workforces.”
Darren Sandford, Advisor to i2Chain, adds, “To simplify and maintain secured, trusted, and private communication between systems and individuals across a constantly evolving network and service infrastructure, IT and Security professionals can utilize cloud transaction and communication platforms, such as i2Chain. Once i2Chain is implemented, Security and IT professionals would be liberated from building, managing, and monitoring a global infrastructure used to support trusted and private communication between individuals and devices.”
i2Chain software is a plug n’ play key orchestrator that can be implemented enterprise-wide, and ‘Chained’ information is consumed by users non-intrusively. ‘Chaining’ is a process that includes encryption, injection of persistent rights, and immutable traceability. A ‘Chained’ document can be shared, distributed, and transacted with integrity and confidence, without the fear or anxiety of hacks from internal or external sources. Highly regulated industry segments leverage i2Chain solution for sharing personally identifiable information, design documents, or health summaries within and outside with co-processors in a secure and privacy-compliant fashion.
Cutting through the Complexity-
i2Chain, an information security startup in the valley, is led by an experienced team, with each leader having over 20+ years of experience in information security. The team has significant industry experience in manufacturing, financial services, and healthcare domains, making the product suited for securing information transactions just as seamlessly as VISA secures financial transactions.
The leaders are focused on technology engineering, go-to-market traction, and building a world-class team to drive the mission and support progress.
Technology engineering: The cybersecurity market is a mesh of towered solutions and silos of the network, data center, database, endpoint security solutions. The enterprises have invested and continue to invest significant monies to augment and make themselves ‘secure.’ It is equally essential to make their digital processes private and to ensure consumers of the process trust their information’s integrity. The i2Chain team has a dual responsibility to enable security and privacy and help clients reach that goal quickly, effectively, and efficiently. The engineering and usability teams enable security & privacy even while ensuring low/no change in existing processes for implementing solutions enterprise-wide. The non-intrusive, modern technology architecture aligns with the existing business processes. Enterprises leveraging i2Chain platforms elevate their security posture, making it easier for their users to transact sensitive information securely and comply with new regulations like GDPR, CCPA, ITAR carve-outs, and FINRA, and others.
“As regulated entities migrate their sensitive information to clouds, i2Chain helps with encryption, access controls & traceability of all of the underlying sensitive content. The users continue to check-out sensitive information from cloud(s), application(s), and such digital assets can also be easily secured and classified by injecting centrally administered, or user-administered policies. Additionally, securely storing sensitive digital assets on local systems, securely sharing them using communication tools like email, Teams, Slack, WhatsApp, etc., enabling authors to retain control over these assets even after sharing, providing visibility into how they are being further shared and are being consumed by the recipients, letting multiple people collaborate on the copies, and ensuring the authenticity of the assets all along while keeping them in possession of only valid users, all using i2Chain’s technology are unique benefits of the i2Chain solution.”, says Sanjay Jain, Co-founder & CTO of i2Chain.
Go-to-market: The silver lining of the humanitarian and economic crisis of the pandemic is the cybersecurity in general, and i2Chain software, in particular, is getting traction from some of the biggest names in the financial, healthcare, auto & aerospace, and defense industries.
Investments: Amidst the pandemic, the i2Chain closed their seed round in May 2020 and will offer a post-seed equity round in November 2020. Interested institutional investors and HNI’s are welcome to participate and reach out to the i2Chain team for discussions and evaluations.
The Products and Services-
- Secure digital distribution of sensitive files.
- Traceability of sensitive files.
- Revocability of sensitive files.
The i2Chain solution is file-type and storage-type agnostic. The solution uniquely combines the ideas of encryption, access rights, and traceability to secure sensitive files. An immutable ledger to record all the actions performed on sensitive files differentiates us from other similar services in the market.
Ranga Jayaraman, former Chief Digital Officer of Stanford’s Graduate Business School, says, “i2Chain’s ability to ensure the intended security for the document encapsulated with the document itself enables reducing the cycle time of executing a highly secure digital process. Also, end-to-end encryption ensures full compliance with privacy laws & regulations.”
i2Chain’s technology enables both security and privacy. This capability to be at the edge of security and privacy is catching the attention of leaders sharing and accessing or establishing access controls on classified information. These tailwinds are further aided by a non-intrusive, storage agnostic, lightweight, intuitive application that is easy to use and deploy.
i2Chain’s business model is also easy to comprehend, budget, and put into action. The SaaS application is priced per user and only for the users that ‘Chains’ or share the Chained information. The SaaS application is free forever and for all users within and outside the enterprise that view the ‘Chained’ information.
i2Chain’s success and drive stem from enabling enterprises to transcend to high performance and high trust. i2Chain’s solution delivers secure and privacy compliant clouds, folders, and files, thereby ensuring digital processes and significantly lower cycle times to process and share information with co-processors and ecosystems. The i2Chain solution uniquely chains or secures each transaction, injects policies or controls as desired by the privacy policies centrally administered, and ensures the immutable chain of custody, or immutable, auditable logs of every action on the information artifact.