Bring up the topic of “enterprise security platforms” around polite company, and you may be quickly shown the door. The subject can be boring, but the truth is that enterprise security writ large are critical, ideally making the Web a safer place for both businesses and consumers by policing malware, botnets, phishing and other malicious software.
Of course, today businesses big and small are moving to the cloud, adopting services like Dropbox, Box and Google Apps in droves. In turn, employees are increasingly going mobile, both in where they work and how they work, as they now carry multiple phones, view documents on their iPads, and collaborate on projects hosted on these services outside of the office. Yet, while workforces (enterprise included) are increasingly remote, mobile and nomadic, security services haven’t adapted to this change in user behavior. When employees go out on the road, for example, their network’s security doesn’t follow them.
So, today, OpenDNS is attempting to pick up the slack with the launch of a new product called Umbrella, which allows companies to extend their service and content browsing policies to employees while they’re on the go. In turn, Umbrella allows administrators to protect employees whether they’re using their own device or one given to them by their employer, along with giving them increased visibility into roaming devices, regardless of they connect — cellular network, WiFi, and so on.
Umbrella also gives administrators access to a management console through which they can limit user browsing based on location and time of day, enabling employees to access Facebook after normal working hours or from home, for example, but not during office hours. The management services comes with 57 different content filters, allowing them to create customized lists of blacklisted sites, while leveraging its DNS services to block access to sites flagged with botnet activity or malware.
Typically, mobile workers can be vulnerable to attacks and snooping when connecting via WiFi networks outside of the office, which often lack encryption capabilities, so Umbrella offers a VPN service that encrypts their activity regardless of how (or where) they connect. The other advantage, Ulevitch says, is that Umbrella lives completely in the cloud and thus doesn’t require on-premise hardware; instead, it offers clients for Mac, PC and iOS (with Android in the works), directing traffic from employee devices onto a secure, clean network.
In all, while the effects of consumerization, mobility and BYOD have made the enterprise a little bit less boring, it’s now easy to see why they’ve wreaked havoc on IT departments. Each group within an organization (marketing, sales, biz dev, etc.) is now free to sign up for any network, product or management tool that best suits the tasks at hand. The CIO no longer has the same control over purchasing, product and security decisions. The power has shifted to the end-user; now employees are increasingly calling the shots.
As a result, support staffs have to throw their old best practices out the window, managing security, network latency, up-time, analytics, identity, logins, etc. across a variety of services and platforms. Naturally, security tends to suffer as a result. So, while this flexibility is great for the end-user, it means fragmentation and increased data vulnerability for businesses and IT.
It was these holes in the market and the growing need to give administrators a faster, more secure way to manage their networks, that led David Ulevitch to found OpenDNS in 2005. Initially, the company focused on developing a lightweight DNS service that aimed to provide consumers with speedier and more reliable internet access, along with improved security and network visibility.
As John wrote last year, what made OpenDNS unique compared to the competition was that it offered free DNS controls alongside parental and organizational filtering (i.e. giving parents control over what their kids have access to on their home network, etc.), while in turn providing an alternative way for consumers to protect themselves from having their search terms hijacked by ISPs — and flexible pricing.
Fast forward to today, and OpenDNS is now playing in far more crowded space, competing with (in some cases nominally, in some directly) security and speed optimizers and, after launching its enterprise product in 2009, security bigs like Symantec, McAfee, Barracuda Networks, Blue Coat, Websense, etc.
These companies have long owned the vast majority of the $20 billion-plus enterprise security market, dominating press coverage and brand recognition among consumers. However, as Ulevitch sees it, their marketshare has been dwindling over the last few years, due in part to their focus on on-premise hardware and slow adoption of cloud-and-mobile-first strategies. Case in point: Many of the biggest security players still don’t offer support for Google Apps in their enterprise security products.
As a result, companies CloudFlare and OpenDNS have been slowly eating away at their incumbents’ share of the market. For a company that has found significant adoption over its seven-year history, OpenDNS has still managed to remain under the radar. This in spite of the fact that the company is now being used by 50 million people and sees 40 billion DNS requests every day.
OpenDNS currently has 7,000 paying businesses using its security solutions and “tens of thousands” of schools (some of whom pay, some of whom don’t), and while the company won’t disclose specific financial data, Ulevitch says that revenues from its enterprise business have more than doubled year-over-year since 2009 and the company is on track to pass $100M in annual revenue in the next two to three years. OpenDNS has raised less than $9 million since 2005, yet has grown to over just under 100 employees, supported by the company’s 90+ percent lifetime renewal rate.
Of course, that’s all well and good. The enterprise security market has produced a number of big businesses, particularly that have companies grown fat on long-term corporate or government contracts and the like. However, this can often lead to a strategy that focuses more on maintaining rather than innovating.
But, by focusing on developing lightweight, flexible software that doesn’t come with the traditionally high prices of enterprise security services (or require on-premise hardware) and by adapting to meet the demands of a nomadic workforce, Ulevitch thinks that OpenDNS can pick up where the incumbents have left off.