Piiano wants to provide a more effective way to protect PII, in a way that will get developers to rethink how they deal with it, and produce order and secure development.
Today, Tel Aviv-based startup Piiano, which is focused on PII [Personally Identifiable Information], has emerged from stealth and has announced that it has raised a $9 million dollar seed round. The round was led by cybersecurity-focused VC YL Ventures with the participation of Jibe Ventures and founders of leading cybersecurity companies such as Snyk, Armis, Wiz and Aqua. As is typical of seed rounds, the funds will be used for R&D and Go-to-Market purposes.
Piiano [pronounced Piano, with the extra i highlighting the PII in their name] makes a personal data protection and management platform. Their first product on it is Piiano’s Vault, which contains a dedicated, protected database for centralizing sensitive information, and a code scanner to locate PII.
“Today’s privacy is done more like a bolt-on to existing applications, said Gil Dabah, Piiano’s CEO and one of the two co-founders, with CTO Ariel Shiftan being the other. “We need to change things to make sure that PIIs are more secure.”
“PII today is like a jungle, with no defined workflow,” Shiftan stressed. “A developer who needs to develop a new feature decides themselves where to store the data. That becomes a liability.”
Piiano’s platform and Vault are the company’s answer to the problem. The platform enables security and privacy teams to monitor and gain data-driven insights into privacy artifacts from application code bases and empowers developers to easily partition and isolate PII. It does this without introducing new technology features, and by an emphasis on a cultural shift in sensitive data handling as well as the protection itself.
Dabah indicated that while the technology required here is not cutting edge, the requirements it has to fulfill are extremely demanding because the solution has to be always available.
“It’s not the features we provide that are important but the way that we solve the problem,” he said. “It’s not crazy innovation that’s important here, but putting all the puzzle pieces together in harmony.”
Dabah also stressed that Piiano’s platform will not only transform how enterprises build privacy-forward architecture, but how they think about it as well.
“It introduces a different culture that fosters data privacy, which is not the case today in organizations,” Dabah said. “It’s a new paradigm to encourage privacy. Developers will will do it, unlike today when they are reluctant because it’s boring and a burden.”
The Piiano Vault provides the infrastructure to centralize and secure PII and other select sensitive data and serve as a secure PII directory that keeps other data stores pseudonymized within the customers’ own environments. It is deployed in the enterprise’s virtual private cloud.
“We went self-hosted, because it’s like a data base in your own environment,” Dabah said. “It’s like any other database in terms of speed, so latency isn’t an issue, and you don’t have to count the number of APIs, and you don’t pay for that either. There are many advantages to having this inside your own application architecture.”
The Piiano Vault also deals with issues that existing approaches cannot fully handle. Cloud-focused solutions in the market tend to be from small SaaS companies, and don’t offer workflows that are attractive to developers. Traditional DLP [data loss prevention] solutions deployed to protect PII, among other things, also have many limitations.
“About 40% of DLP fails to compete the project of deployment at all,” Dabah stated. “When it does deploy, payment for the deployment can be millions, as is the licensing, and eventually it doesn’t work, because while DLP is good for static environments, those are not the case today with the cloud.”
Piiano’s strategy will involve partnering with larger vendors who have broad cybersecurity platforms, because they can provide something that the larger companies don’t.
“We see many organizations proposing an approach of putting everything inside their magic box,” Shaftan said. “In the future, we want to work with those when possible.”
While Piiano defines itself as an enterprise grade solution, and its value would seem to be higher in large enterprises with flocks of developers, so far in their proof of concept stage, that has not been their market.
“The market at least for now, tends to be midmarket companies, because they are younger and faster,” Dabah said. “Those are the kinds of organizations that we are better engaged with.”
Piiano will broaden its Go-to-Market strategy to add partners next year, but they are really counting on developers to be their evangelists in persuading their companies to adopt them.
“By Q1 next year, we want to be ready for live deployment in production environments, and once we see we have success there we will go for a broader channel,” Dabah said. “Our real focus, however, is developers. Once they see that we can make a better organization of the data, stop the mess, and create a home for PII, developers will know the meaning of it, and see the value of the order and management capabilities in the Vault.”