Piyush talks about security for critical enterprise data.
Sramana Mitra: Let’s first introduce our audience to yourself as well as Appsian.
Piyush Pandey: I’m the CEO of Appsian, which is a security software company based in the Bay Area and Texas. We have an office in Bangalore as well. I have well over 20 years of experience. I started as an engineer. I have worked in development and design in a large company.
I did a startup in the 90’s. Then I moved over to Wall Street. I worked there for almost a decade working on M&A and IPO transactions for technology companies. I’ve worked with a number of software companies ranging from large public companies to small startups who are trying to think about how to raise money and how to grow in different stages of their lifecycle.
I always wanted to come back to build and manage a software company. I worked with another company and sold it to a large private equity firm. I joined Appsian three and a half years back. We are close to a hundred employees and growing every year by more than 50%.
We believe that security is one of the areas that will keep growing. The needs of our customers will evolve and grow as they open up applications for the users.
We are a data security vendor that helps you protect the sensitive data in ERP applications like HR software, supply chain, and financials. We protect the sensitive data which is being accessed by internal or external users.
Sramana Mitra: Can you double-click down and give me a bit of a use case on what kind of data access are you relevant to? What is the workflow that you are relevant in?
Piyush Pandey: When I talk about HR applications, a lot of people interact with them, but they don’t understand how huge these applications are. In a large company that has 20,000 employees or 200,000 employees, HR applications typically have thousands of payments.
I’ll give you an example where you enroll benefits. You have information on payroll, appraisal, and recruiting. An example is payroll. Once you configure your payroll, you just want to check every month that the salary has been credited in your account.
That has a lot of information. It has information about your bank account, social security, salary, and date of birth. It’s fine when you see that on a page in the office, but when you’re checking your payroll on an iPad or from your home laptop outside, then you don’t need to see those fields.
We mask or block the fields if you’re accessing outside of VPN. You only get to see the dollar amount of the money that is being deposited. That’s what you’re checking in that context. If it is accessed by an HR leader to make sure that data is correct, they will be able to see everything.
Depending on the context, we can change what you see and how you see it. We can mask information or block information. When I say context, I mean what device? What time of the day? Which location?
Another example is if you’re a VP of Finance and you’re approving a PO which will give money to some supplier and you’re buying some stuff, depending on where that VP is, they can only approve only so many POs. In case of a breach, you’re not losing sensitive information which happens all the time these days.