Startup Shym Technology Inc. next month will try to wedge its way into the crowded network security market with tools designed to make it easier and less expensive for companies to safeguard applications and electronic transactions.
The company, formed by a group of security industry veterans, will roll out packaged middleware that links existing enterprise resource planning, messaging and other applications to public-key infrastructure-based (PKI) security products. PKI users, vendors and systems integrators currently have to put in the time and go to the expense of establishing such hooks.
While the term PKI may sound intimidating, basically it refers to using encrypted keys and digital certificates to protect data and ensure that network users are who they say they are. A growing number of companies are turning to PKI to anchor their enterprise network security schemes rather than manage a bunch of separate application-specific security systems.
"PKI projects can cost US$1 million to implement, and it's taking some customers as much as 12 to 18 months to roll the projects out," says Mike Rothman, Shym's executive vice president. "We see an opportunity to help customers cut costs and roll out projects faster."
PKI implementations are largely in the pilot stage today, but leading PKI vendors, such as Entrust Technologies and Verisign, have been posting big revenue gains and can point to production implementations involving thousands of users. SoundView Technology Group says the PKI market has been doubling in size from year to year and could hit the $1 billion revenue mark by 2001.
In rolling out its first software packages next year, Shym hopes to cash in on what it expects will be a PKI explosion over the next few years as electronic commerce and other extranet applications force more companies to install solid network security systems.
The company has several things going for it, including nearly $4 million in venture capital and an experienced management team. Three of Shym's four founders, including CEO and President Jim Geary, followed the same path from Security Dynamics Technologies Inc. to intrusion detection vendor Haystack Labs to Trusted Information Systems Inc.
Currently, Shym has about 20 employees, two-thirds of them on the technical side of the house.
Shym officials declined to share specifics on the company's product strategy. However, Geary did say the company's tools will complement, rather than compete with, products from PKI market leaders.
Shym, which gets its name from the term shim (which means wedge), plans to have its formal debut on Jan. 11.
Shym's technology appears to be sound, says Eric Hemmendinger, an analyst at Aberdeen Group in Boston who has been briefed by the start-up. But he says the company's long-term viability will be tested as PKI vendors forge their own relationships with applications vendors. Entrust and SAP AG, for example, recently signed a deal to integrate their offerings, and similar alliances are bound to follow. If enough of these deals happen quickly, these existing vendors could obviate the need for Shym's software, Hemmendinger says.
But Shym's Rothman says PKI vendors are focused on delivering the best security products they can and would rather leave integration issues to others.