With data theft averaging $6 million a leak, it’s a good thing two old high-school buddies from Israel developed a self-protecting data solution that travels with your files.

In the UK, 28 million records were lost in a data breach. In the US, a popular clothing firm lost the identity data of 800,000 job applicants when a laptop with the information was stolen from an outsource company hired to handle applications.

“Loss of valuable data is a nightmare that happens,” says Alon Samia, CEO of Covertix, an Israeli startup that he and his partner Tzachi Kaufman developed. The two began marketing their novel “self-protecting” data solution, a few months ago. The patent-pending system is policy-based, not user-dependent.

“Our policy-centric approach is different. It is like a personal bodyguard and not a fence. It is not just a signal, but a whole set of rules defined by IT management. It is much more elaborate than any system out there,” he tells ISRAEL21c.

The CxSense Smart-File technology developed by Covertix goes beyond protecting sensitive data within a company. It also protects data that leaves the company’s network.

“Most systems put a lock on the fence around the house. Our control sits on the sensitive data file itself all the time and travels with it when it leaves the house,” explains Kaufmann. “Encryption at the gate is just the first line of defense.”

Defense that travels with the data

CXSense automatically protects sensitive data because it travels with the data even when it is saved to removable devices like a USB flash drive. It identifies potentially risky devices and computers and limits use according to your specifications – for example, until 9pm, or within 24 hours.

The rules are strictly enforced. If unauthorized users attempt to access or tamper with data, the system will block them. No copy and paste, forward or edit commands will be accepted. No print command either.

Rules may allow a user to open and view a document, but not modify it. Even IT personnel, who typically have access to any file, may be barred. And spoofers who try to sneak in can be caught red-handed.

“Tagging information, with a kind of GPS for documents, we can tell where it is, and if it is in danger. The system makes it possible to share information without worry,” says Samia.

Sometimes a company wants to share data for a short time, for instance to provide information to an ad company that’s designing a promotional campaign. “Advertising is a highly competitive area, and we can assure the customer that confidential information will be protected,” says Samia.

“That is part of our business plan. We want to allow an organization to collaborate. Identifying information, tracking it and controlling it is the mission,” he states emphatically.

Is your data safe?

Can someone swipe your company’s new fall promotion plan or slogan? Do out-of-the-office laptops have access to pre-patent R&D, financial and HR data? Can you share information with a third party (a lawyer, supplier or ad company) and block access to the company network?

“Careless outsource partners, lost portable devices, and WiFi networks are major hazards,” says Samia.

Another source of data leakage is unstructured data, like an e-mail attachment containing confidential information; it could be pricing, blueprints, pay scales or contracts.

“Most serious data leaks are from internal sources,” comments the entrepreneur. The cost averages $6 million per leak. And it is estimated that 70 percent of employees who are fired or leave a company take sensitive information with them.

The loss of intellectual property – confidential executive communications, information shared with business partners, trade secrets, R&D findings, personnel records, litigation information – jeopardizes a company and can create a revenue shortfall. The information protection and control market is expected to grow to $3 billion by 2011.

A unique approach to assets control

Three years ago, Samia, an honors graduate of the Technion – Israel Institute of Technology and Kaufman, his friend from high school (a tech wiz with a BA in computer science, an MBA and over 12 years of anti-hacking and network security expertise) decided to develop a unique approach to information assets control.

“We had been talking about starting our own company since high school,” says Covertix’s CEO.

Finally, the two had amassed enough experience to set up shop. Samia had eight years of work in the US with a large brokerage firm and as AVP of business development and strategic marketing for a $13 billion insurance company. “Tzachi had worked on security and networking for several industry giants; he left Amdocs where he was IT manager to start the company,” Samia recounts.

They started out in the technology incubator in Sde Boker, in southern Israel, but will be moving to the center of the country soon.

Covertix is already working with a wide range of users, including pharmaceutical companies, communications, educational and health organizations.

Projects in Great Britain and Spain are in the hopper. It is targeting mid-sized organizations, which are an underserved market, and expects to make money by the end of the year. That’s very good news for a young startup.