Protecting sensitive data is a priority for all businesses, but in order to truly be protected, organizations must ensure they are securing data at all times. Enter, a cybersecurity company that offers a unique solution to close a crucial, but often overlooked gap in data security. The company, founded in 2016, secures Data in Use, protecting data while it’s being used or processed. Enveil’s technology enables data to be encrypted throughout the processing lifecycle.
CEO Ellison Anne Williams provides the example of performing a search of data in a cloud environment. Data is protected in transit and at rest in a cloud environment, but the second that a search over the data is performed, historically, the data is not secure.
“That’s the point of least resistance for an attacker,” said Williams. “People can just come along and take your data. But because we make sure that nothing is decrypted during processing, we close off that gap.”
With no other companies in the cybersecurity market offering this totally encrypted solution, Williams says users are shocked by Enveil’s solution.
The reaction of early adopters? “Holy cow, this actually works,” said Williams.
“Keeping everything encrypted during processing sounds impossible...we get it,” Williams says recognizing the skeptics. “But it’s not (impossible). It’s just not."
Williams is a 12-year veteran of the National Security Agency, which is located just miles away from Enveil’s Fulton headquarters. It’s here that Enveil’s founder first worked with homomorphic encryption, the technology at the core of Enveil’s solution.
Shortly after bringing the technology to the commercial world, the young company made a bold move and applied to RSA’s Innovation Sandbox, the industry’s leading contest for up-and-coming security companies to pitch their cyber innovations. At five months old, Enveil was accepted to present their tech in the contest, making it the youngest company to ever participate.
“We thought, at the very least, people will see who we are and what we are doing, and it will be great exposure for the company,” said Williams. “We ended up walking away with second place, which was pretty phenomenal.”
Enveil got started with seed funding from, a startup studio that makes strategic investments in cybersecurity startups. Enveil’s breakout moment at RSA caught the attention of many more investors, and soon, funding came in from Bloomberg Beta, Thomson Reuters, a USAA affiliate, and In-Q-Tel, the investment arm for the CIA.
The capital has enabled Enveil to grow from a four-person team to a 15 person team, and expand out of DataTribe and into its own office space.
“We’ve certainly grown as a company,” said Williams. “Bringing in other investment money allowed us to build out the business structure of the company.”
Williams knew she needed the best engineers, especially those trained in cryptography, so she never considered taking Enveil out of Maryland.
“I think primarily a lot of talent is trained inside intelligence organizations and federal entities, specifically NSA,” said Williams. “So being in this area allows us to take advantage of that rich engineering talent that doesn’t really exist in this concentration anywhere else in the country.”
Data security is incredibly important to financial services companies and federal agencies, so being near these institutions was also important to Williams. In Maryland, she can reach both key markets.
“Many of the financial services firms have headquarters in New York City, which is a quick train ride away,” said Williams. “That’s far better than flying across the country from Silicon Valley. And then if you’re going to do any business in the federal space, the proximity to D.C. is a plus.”
In the past, companies that have transferred technology out of NSA would head to Silicon Valley in search of venture capital, Williams said. But with the support of venture capitalists like DataTribe investing locally, and a realization of concentrated assets, things are changing.
“You can stay here and be successful,” said Williams. “You don’t need to go to San Francisco. And why would you want to anyway?”
The tech world couldn't ignore cyber startup Sourcefire. Eventually acquired by Cisco, the Sourcefire team continues to innovate in Maryland.
A few years after entering the U.S. market, this defense manufacturer is experiencing explosive growth.