Big data is becoming a valuable commodity, so it is no surprise to see startups specialising in products and services to protect that data. Silicon:SAFE is one such company in the early stages of product development.
Silicon:SAFE is based in Cambridge and was founded in April 2013 by Dr Will Harwood (left) and Roger Gross over a cup of coffee in a vineyard. The firm specialises in helping enterprises keep bulk data safe.
We fired our spotlight questions at Harwood, chief technology officer, to hear more about his startup.
Tell us about Silicon:SAFE
Silicon:SAFE prevents bulk data theft from enterprises. It puts data, such as passwords, credit card details and biometrics, beyond the reach of hackers by providing the enterprise with a patent pending dedicated secure bulk data store that acts as a one-way valve for secret data.
Once secret data has entered the device it can never be retrieved. No user, system administrator or cyber attacker can get at the data. Data can be used on the device only by built-in operations, such as in the case of passwords, comparing a password guess with a stored password.
The device has no operating system to hack, is immune to code injection attacks and is minimal. It has no code other than that required to do the job in hand.
Why did you develop the business?
In early 2013 I attended a Formal Methods Applied To Security workshop in Cambridge, and one of the speakers raised the problem of bulk theft of passwords.
His point was that conventional techniques (hashes and salted hashes) were no longer a good solution to the problem because of advances in hacking technology and the availability of faster processors.
Bulk data thefts of passwords had already made the news but were still rare compared with today.
Two things were clear at the outset: it would become a growing threat and a solution was required. By far the most significant part of the threat is the reputation damage caused by data theft.
Companies that said: 'Your passwords were stolen. They are encrypted, but just to be safe you should change your password anyway,' had already lost their reputation.
It sounded like a nice research project, and an ‘obvious’ solution presented itself, if one did not assume conventional architecture. At about this point Roger and I had coffee and, where I had seen a research project, Roger saw a business opportunity.
It was clear that conventional computing architecture and operating systems were part of the problem. It's not an 'in principle' problem. In principle there are many ways to protect data from theft on conventional architectures and operating systems. The problem was that 'in practice' there was a stunning history of failure owing to misconfiguration, misunderstanding and software bugs.
The modern commodity computer evolved from the personal computer, which was never intended to be secure. The modern internet evolved from a co-operative of collaborating researchers. Again it was never intended to be secure. Security has been retrofitted by patching designs rather than redesign.
It was time to start afresh and address the root of the problem using a different platform, one that did not have the hardware or software vulnerabilities of commodity platforms.
Tell us how you got your business off the ground
Having developed a secure architecture, we felt it had market potential, so we formed a company in 2013 and built and tested several prototypes during the rest of the year.
A patent was filed in August 2013, all using our own money. We later received a £5,000 SMART grant for intellectual property protection.
What technology do you use?
We use our own patented hardware design and protocol which lets authentication products communicate with our products.
Are you based in an incubator or startup centre?
Yes. Both of our premises are in innovation centres that have proved tremendously useful as we’ve grown.
What level of funding have you received so far?
In 2014, we received a £25,000 Proof of Market grant from the UK’s innovation agency, formerly known as the Technology Strategy Board, which helped to fund development and market research, and we have just secured $1m in seed funding from private investors, which will take us through our launch phase.
What’s been the biggest highlight of your business so far?
Being granted the patents on our designs. The next highlight will be launching our first commercial solution in April this year.
What did you do before starting up?
I worked for Citrix in Cambridge where I met Roger, then site director, in 1999. We worked together until he left in 2004 to found a training company.
After a long spell designing and building security products and working as a product strategist on integrating Xen into the company, I left in 2009 to do a PhD in computer security at the University of York sponsored by the International Technology Alliance, an MoD/DoD joint research programme.
What are your favourite and worst things about running your own startup?
The good thing is that there is no boundary between life and work, and you are doing the thing you want to do. The bad thing is not yet being big enough to own a good quality espresso machine.
Do you work remotely, in a shared environment or have your own office space?
I move between our office space at Martlesham, our shared meeting spaces at St John’s Innovation Centre in Cambridge and often at home.
Alan Kay, the inventor of the personal computer concept and the Smalltalk programming language. The combination is not a coincidence!
Smart or casual?
Casual (occasionally smart).
Coffee shop of choice?
Clown’s, a small Italian-owned coffee shop in Cambridge serving the best espresso and cappuccino anywhere.
Beverage of choice?
Pulteney Arms in Bath, an old fashioned pub that serves good beer and food.
Rather boringly, the BBC News app. Good reporting and getting down to the facts is really important to me. The BBC is simply one of the best news organisations in the world.
Do you benefit from startup communities and related networking?
Yes, mainly at Martlesham at the moment where we benefit from such events as the breakfast meetings and local showcases.
Could the government and technology industry do more to support UK startups?
Getting money into new engineering ideas, at the right time, is critical. The right time is when the idea needs proving, not when the business needs scaling.
The pain point is when you need to produce technology, for example a beta hardware product, for proof of concept (PoC) with customers.
Without customer PoCs investment is not forthcoming, but without investment PoCs are not possible.
An industry/government not-for-profit 'boost' investment fund that takes the risk in new ideas at this stage would make a significant difference to true innovation.
If the investment fund were to take a small stake in startups and worked on the basis of a one in 10 success rate it could become self-funding. For example, an early startup gets between £20,000 and £80,000 to fund part of an initial development for five to 10 percent of stock to support PoCs etc.
Success in PoCs leads to commercial funding. At this stage the boost funding may be bought out by the commercial funding after the proposition has been de-risked by the PoC trials, or held on to for higher future yield.
If you want to take part in the V3 Startup Spotlight contact Roland Moore-Colyer.
Previous startups under the spotlight have ranged from IoT wireless network firm Nwave Technologies and e-commerce and augmented reality firm GoInStore, to cloud-powered video surveillance firm Cloudview and web app management consultancy DevOpsGuys.
North Korean hackers reportedly step up their activity as tensions with the US increase
Ice Lake probably won't appear before 2019 at the earliest
Krzanich follows Kevin Plank of Under Armor and Kenneth Frazier of Merck
Release of latest version of Android imminent