Dave Maquera is the chief executive officer at EdgeWave, a leading company in cloud-based security solutions. Dave studied at Harvard Business School and has more than 15 years of experience in the technology business. In this interview he talks about Edgewave’s unique approach to security solutions and addresses open problems in the industry.
Sramana Mitra: Dave, let’s start with setting some context about what EdgeWave does.
Dave Maquera: EdgeWave is a web and email, social media and mobile security company. We are about 110 folks in the company and we have around $18 million in revenue. The historical focus of the company has been primarily on web gateway and web filtering capabilities. In 2010 we added an email filtering – spam filtering – capability and have since augmented both products and leveraged what we saw as strategic in our e-mail acquisition, which was a cloud architecture that is highly scalable and extremely cost-efficient, whereby we could continue to offer security capabilities to mobile devices and globally distributed organizations in a high-security demand environment, which is highly flexible and cost-efficient. We started off several years ago. As a matter of fact, the core company St. Bernard was one of the first web filter appliance companies – about 15 years ago. Since we started back then, the company has rapidly changed in the last few years to adopt what we believe are game changing technologies to secure the environment.
SM: What is special about mobile security?
DM: The most obvious thing is a physical difference. Most mobile devices are used by people outside of the physical perimeter of the corporate network or the enterprise where they are employed at. The whole idea of a PC on a LAN that is secured through a single firewall has gone away. When you are on a mobile device, you are not only connected to your carrier’s voice network, you are also connected to your carrier’s SMSC, which is the short messaging and mobile messaging system. You are also connected to the mobile Internet, which goes through their network, goes out to the web and goes back to whatever focus you are touching on the other side of your corporate or institutional group. So it is completely different. You have to think about “How do I secure my data? How do I prevent malware intrusions and attacks? How do I really maintain compliance with key policy and regulatory items, now that I am way outside of all the historical safety measures that were behind the perimeter?” That is why it has changed dramatically.
SM: The particular problem you are solving is mobile security in the context of the enterprise?
DM: I would say it is not a particular problem. The way we look at it is that there are lots of problems rolled up into this use case of having a mobile device that you probably own personally. Statistically, most mobile devices that people use to interface with their enterprise or company are not issued by the company. That is one piece of it, but all the touch points that I talked about are several problems by themselves, and they have to be managed. The way we look at it is that we manage web and e-mail security through that entire extended network through which people are now connected to each other through mobile devices. We still do web filtering in the enterprise and simultaneously out to your device. We still do policy compliance within the enterprise, but also out to your device – wherever you are. So it is across the entire ether of what the corporation or enterprise now is, by virtue of having mobile devices connected through the web. It is not a particular focus. We still do all the things we used to do, but we added key technologies and approaches to how we manage that on behalf of our customers.