Patrick Sweeney, who took over as CEO in April, talks with ChannelBuzz about the program’s philosophy, goals, and features like a pay-for-performance billing option to get into accounts with an incumbent.
Today, Redwood City-based cloud email security vendor Area 1 Security is announcing a partner program that will enable partners to sell Area 1’s cloud-native email security solution directly to North American clients. The company is emphasizing that their solution is highly differentiated and highly effective in the new cloud email space that has emerged with the decline of perimeter-based gateways.
“The SEG [Secure Email Gateway] market doesn’t exist any more,” said Patrick Sweeney, president and CEO of Area 1 Security. “That’s gone. There’s no more perimeter, and no more perimeter-based hardware solutions for a gateway to protect. The vendors of those products have put them into the cloud, but they are not scalable.”
The new market as Gartner defines it is the Cloud Email Security Market, and it’s one where Area 1 believes it has major advantages. The company was founded in 2013 by three ex-National Security Agency people who had essentially been white hat hackers. Their focus was around phishing, which is where 95% of all cyberattacks start.
Area 1 has two major areas of differentiation, Sweeney said.
“We do Google-scale crawling and indexing to analyze every page on the Internet with heuristics about intent of the website, like Website names being similar to other Websites’ names,” he stated. “This could possibly be something stood up for phishing. We then correlate this with emails referenced back to the site. It allows pre-emptive understanding of the infrastructure. That pre-emptive capability is our first differentiation, using complex machine learning language models, lexiconal analysis and social graph analysis. These let us understand that if an email from a regular correspondent wants money paid into a different account, even though the numbers are obfuscated to us, that’s a likely indicator of an attack.”
Sweeney also emphasized that Area 1 provides protection at both the API level and the MX level, to allow them to protect against all types of email compromise threats.
“If you don’t see traffic as it comes in, you get a lot of phishing spam and rely on API at large scale to remove bad things before they are clicked on,” Sweeney said. “If you rely on the MX level only, you don’t see credential harvesting attacks. We are both inline at the MX level and at the API level, to see all four types of business email compromise attacks.”
Area 1 has sold principally to very large customers, but the core simplicity of the products means that the potential market is much larger, and the channel is the key to reaching it.
“When I came here [in April 2020] I concluded this was the best solution, which is why I decided to come here,” said Sweeney, who had been the CEO of SD-WAN vendor Talari, which was acquired by Oracle, and before that, was at SonicWall for many years. “Area 1 sold to high-end enterprise companies, but to become a billion dollar company, we had to have the DNA of the company around the channel. So we began to make a wholesale shift. The Board had been dying to do this for quite a while, so this was a perfect alignment.
“I have been at companies that started in the enterprise and worked down, and with companies that started with smaller customers and worked up, and I think it’s best to start with the biggest customers,” Sweeney continued. “If you can win them and keep them, you know you have a good solution. We have Fortune 100 banks, the biggest airlines, the biggest retailers, big medical institutions – all with multi-hundred thousand dollar deals. Now is the time to broaden our appeal with the channel to bring it to a much wider array of customers.”
Sweeney emphasized that their product’s core value proposition is highly attractive to partners.
“A big message for partners is that we are completely aligned with Microsoft 365 and Google G Suite,” he said. “We can sit in front of them and prevent things from getting inside, which means you don’t have to choose between good security and good email. It’s also brain-dead simple to deploy. Unlike some competitors, there are no modifications and no tuning needed. It’s completely cloud-native, and multi tenanted.”
Sweeney also emphasized that with his arrival, Area 1 has become committed to channel partners as their route to market.
“Partners have been around at Area 1 for more than a year,” he said. “The Go-to-Market model was agnostic before I came in. We did business with partners, but it wasn’t full fledged. I believe that you can’t be agnostic, with partners. You have to be committed. We worked with them before, but we didn’t have a strategy that was based around them. We didn’t have a portal before. We didn’t have dedicated certification training and defined margin guarantees. It was just basic deal registration.”
Sweeney said that it has taken Area 1 100 days to build out their channel infrastructure, which includes things like a portal and an aggressive profit margin. This also includes the option to let customers buy through a pay-for-performance [Pay-per-Phish] pricing model as well as a traditional Enterprise Licensing Agreement.
“This model came about because we would find cases where customers said they already have a deployment of somebody else and the license has not yet expired,” Sweeney said. “This is really common for us. We originally came in to many companies as a layer behind their existing solution, and the way we priced it was ‘pay per phish’ we caught that had gotten through the other solution. We put our money where our mouth is. There is a crossover point where it makes more sense for them to convert to an ELA and that generally happens. But this is a nice elegant way in this difficult market, where customers don’t know us or who don’t know who is the best, that lets us prove our value.”
The new program is designed to build and support a select channel, not a large one.
“Our aspiration is to have a channel of trusted security advisors,” Sweeney stated. “It’s not about feed on the street – getting license-moving companies. Our differentiation is on quality of product, so we want trusted security advisors. We have two profiles in mind. One is VARs engaged by companies to help deploy products but who don’t necessarily take title. The other is MSSPs and master MSSPs, trusted advisors who are active participants and generally do take title.
“We presently have around 15 active partners, who have been involved in very large deals,” said Dawn Ringstaff, Area 1’s Director of Global Channel Sales. With this limited number of partners, the program launches with a single tier, although the plan is to build in additional tier differentiation over time.
Area 1 is using Synnex for its distribution, principally to handle the credit part of partner management.
“They will act as a bank and manage those relationships,” Sweeney said. “We don’t want to be providing the credit, collections, and financing. When vendors like us try to become the bank, it takes you away from your main focus.”
Synnex is their only distributor at this point in time, although Sweeney said they will talk to others in the future.