I'm used to seeing US businesses struggle in the UK market, I've helped a few now to recover after false starts, or to launch successfully in the first place. I'm currently working with PKWare on a long term contract which I'm really very pleased about. I count myself extremely lucky that much of what I have blogged about as being necessary security over a number of months and years, actually exists as a set of products.
I've commented an awful lot about the dynamics that make this possible over here, the fact that a market has to be built up from scratch, reputation not doing much for a company which is big in the States when it comes to these shores, how the American style of business differs from the slightly more staid version we have over here, etc.
Something I hadn't come across before is the reverse of this process, a company launching over here and trying to break the US. I covered Orchestria a few weeks back, talking about how they seemed to appear from nowhere in the DLP space, and yet kept hearing good things about them. I found it surprising then that I got a slightly different story from some friends the other side of the pond.
I have thoroughly researched Orchestria, spoken at length with their English CTO, Pete Malcolm, and gone into numerous demonstrations of their technology, proofs of their customer base, and have even, surprisingly, been shown a very impressive set of accounts. At this point an NDA prevents me from saying anything more. Needless to say, some of the negative comments that were made after my story last week now look pretty much like sour grapes.
I fear that Orchestria are suffering the reverse of what many small US tech companies experience when trying to enter the EMEA market. I fear that sales and marketing teams in the US are maybe not set up for this type of technology without having it on their doorstep, or a specialist from the industry on their team. I fear that only a handful of people in the country may understand this fully. I fear that analysts in the US have been in touch with the wrong people in the organisation - because this stuff is pretty damn good. I also fear that properly marketing it is going to be a mountain to climb, but whoever takes it on is going to do very well out of it.
I would urge anyone who is looking at DLP to look at Orchestria. If you are in the UK, it's a no brainer, local support, local development, etc. If you are in the US, don't believe the poor marketing and doomsayers from the rest of the industry. If you are in Orchestria, get a good marketing team out there, and beef up the support you already have out there. I think we could see them coming out near the top of the pile in the DLP wars. However, this isn't just what Orchestria does - and here's the only 'issue' that I could find with them - the technology is way more than DLP. You could use a couple of Orchestria devices and some SecureZIP in your entire environment and dispense with 50% of your hardware... if you don't believe me, try it out.
This is in fact the reason that this reasonably large company (and expanding monthly) seemed to appear out of nowhere and hit the DLP market. They had a product in a different sector (compliance) which happened to cover DLP very well, and they decided to market it as such. Good idea, poor execution, to get into a security market you need people who know that market inside out, whether they are in the US, the UK, Norway or Timbuktu. This is unfortunate though, because it has given a good piece of technology a slightly false start in an industry where they could be a shining light.
I haven't been this excited by a product since, well PKWare actually, but before that, Njini with their data classification / de-duplication software (another British company, yeah!). What I'd really like to do is put them all together and make a demo. What makes me feel good about all of this is that this is how I predicted the future of security just a year ago. I just didn't expect it to come so fast.