'7 Minutes' with RedLock Director of Sales David McCaw

‘7 Minutes’ with RedLock Director of Sales David McCaw

Written by Lorna Garey
August 8, 2017

Sensitive data floating free around the public cloud is every CISO's worst nightmare.

**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**

Late last month, security provider RedLock made news by revealing a Google Groups misconfiguration that led to the exposure of sensitive data held by hundreds of organizations, reportedly including the Weather Company, The Onion, Lifehacker and others.

In May, RedLock released a Cloud Infrastructure Security Trends report which revealed that 82 percent of databases in public clouds environments are not encrypted — and that about one-third of them accept inbound connection requests from the internet, a really bad idea.

Those are hard acts to follow, PR-wise, but RedLock is making a game attempt by announcing Tuesday a commitment to sell 100-percent through its channel. We asked the company’s director of sales, David McCaw, to join our 7 Minutes series and fill Channel Partners readers in on the new CloudView Channel Program.

RedLock’s David McCaw

RedLock’s signature Cloud 360 Platform technology is aimed at finding all data that’s stored in the cloud (AWS and Google Cloud Platform are supported now) and seeing what protections and access control rules are applied. The company says the product can be installed in minutes, and partners can quickly run a proof of concept and provide a big-picture view of risk. Eric Parizo, senior analyst focusing on enterprise security with analysis firm GlobalData, says the platform offers a simple, intuitive system for preventing basic cloud security lapses, like misconfigurations, inappropriate user access and connections to malicious internet sources.

“It also offers one of the nicer web-based dashboards I’ve seen, offering a visualization of instances, network segments and relevant metadata to easily identify where bad configurations exist,” said Parizo. “Its planned pricing scheme –subscription-based, one-year terms based on number of workloads with volume discounting — is very sensible and channel-friendly.”

That said, as with any startup, there are some features on the “to come” list. Notably, that includes support for workloads in Microsoft Azure, which is slated for later this year. Parizo also cites an immature anomaly detection capability, based on logs.

“Perhaps my greatest concern is that RedLock seems to be setting itself up to unintentionally compete with CASBs, which offer a more robust set of similar capabilities for securing access to cloud-based assets,” said Parizo. Cloud access security broker technology enforces a customer’s policies on cloud use by, for example, requiring two-factor authentication, checking a device for malware or enforcing encryption. Still, he sees potential for success in addressing enterprise cloud security pain points, such as helping organizations prevent accidental exposure of AWS S3 buckets — if it can prove it can do that job well enough to earn its keep instead of or in addition to broader solutions.

The company is backed by Sierra Ventures, Storm Ventures, Dell Technologies Capital and other high-profile investors and recently raised $8 million in Series A funding.

Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?

David McCaw: RedLock customers love that, for the first time, their security teams can see a true picture of …