The pandemic has introduced new security demands for enterprises. The average company uses 137 unique SaaS applications on average. Figuring out how increased usage of these applications fits into a company’s security protocol is ends up being a daunting task. DoControl is an automated data access control platform that’s integrated with the most popular SaaS applications like Dropbox, Google Drive, Salesforce, and Zendesk, allowing companies to take control over their various cloud deployments without compromising security. The platform focuses on asset management, security policy enforcement, and bot-based remediation in instances where vulnerabilities have surfaced. Organizations like Bizzabo, Digital Asset, and Lili are already using DoControl’s solution to manage their data exposure.
AlleyWatch caught up with Cofounder and CEO Adam Gavish to learn more about how DoControl fosters business enablement, the company’s strategic plans, latest round of funding, which brings the total funding raised to $13.4M since 2019, and much, much more.
Who were your investors and how much did you raise?
The company raised $10 million in Series A funding, led by Datadog investor RTP Global with participation from StageOne Ventures, Cardumen Capital and global cybersecurity leader CrowdStrike’s early-stage investment fund, the CrowdStrike Falcon Fund.
Tell us about the product or service that DoControl offers.
DoControl’s Automated SaaS Security Platform provides data access monitoring, orchestration, and remediation across major SaaS applications, such as Google Drive, Box, Microsoft OneDrive, Salesforce, Slack, Jira, BambooHR, GitHub, and more. The DoControl platform is integrated with major SaaS applications to provide three main capabilities: Comprehensive Asset Management providing critical business insights across users, external collaborators, assets, sharing breakdown, and third-party domains; Security Policy Enforcement through intuitive, no-code workflows applied consistently to prevent data breaches at scale; and Slack/Teams Bot engaging with end-users on behalf of security/IT teams to enable a self-service remediation path for human errors, malicious activity, and data leakage.
DoControl is trusted by a wide range of organizations globally sharing millions of files, folders, repositories, and other assets with over 10,000 external companies.
What inspired the start of DoControl?
In 2019, while a product manager at Google Cloud Security & Privacy team, I was in charge of launching the first user experience for regulated customers that have to meet very strict compliance requirements (FedRAMP, CJIS, etc).
By talking with customers, our team realized that in order for us to onboard to Google Cloud, we needed to learn, set up, and maintain dozens of different security controls and policies to keep data access secure, remain compliant, and prevent admin misconfigurations. Therefore, our team launched a user experience that helps regulated customers deploy cloud environments with all relevant security controls automatically set up at best practice with minimum friction involved and preventative measures against human errors.
I, then, realized we could do something similar to solve big security problems of other platforms serving the entire organization – SaaS applications. That’s why we started DoControl.
How is DoControl different?
Our differentiated approach to SaaS security is driven by our simple no-code workflows that automate policy enforcement for data access and sharing, as well as our innovative Slack/Teams Bot that facilitates self-service remediation. Whereas other SaaS security platforms create additional alerts and work, we took the approach that our solution should create less work by using automation to perform the majority of repetitive tasks freeing up valuable time for Security / IT teams.
What market does DoControl target and how big is it?
The rise of software-as-a-service (SaaS) applications has been a boon to companies small and large. Gartner notes that spending on SaaS solutions is projected to rise from just over $100 billion in 2019 to more than $138 billion by 2022.
What’s your business model?
To keep things simple, we charge per user per month charged annually.
How has COVID-19 impacted the business?
Pros: COVID-19 has significantly accelerated digital transformation worldwide which means more companies use more SaaS applications than ever before. Now, these companies understand they don’t have good enough SaaS Security capabilities and that’s good for us.
Cons: COVID-19 has personally impacted our and our employees’ life, some lost family members and faced several quarantines with kids and all which is very difficult to manage at times.
What was the funding process like?
We raised our $3.35M seed round in June 2020 and so we did not really need the money now. Instead, we wanted to find a partner that believed in our team, product strategy, and the SaaS security market. Therefore, we were passively looking for a new round and pitched to a number of great VCs from Silicon Valley and NYC. Eventually, not only did we realize we had an immediate connection with RTP Global, but also we saw how successful they were with multiple portfolio companies, such as Datadog, Sisense, and RingCentral. From there, the process was straightforward.
What are the biggest challenges that you faced while raising capital?
Entrepreneurs pitching to investors is very similar to Broadway actors performing in front of an audience. You have to give the same level of execution every single time no matter who is in front of you.
Entrepreneurs pitching to investors is very similar to Broadway actors performing in front of an audience. You have to give the same level of execution every single time no matter who is in front of you.
What factors about your business led your investors to write the check?
We are building a unique technology with a differentiated approach to lead a super trendy emerging product category – SaaS Security. Our investors did their due diligence through our customer conversations who told them firsthand how our product strategy redefines SaaS Security for the best.
What are the milestones you plan to achieve in the next six months?
Growing the company from 14 to 24 employees. Launching several product improvements to solve more business use cases at scale. Generate meaningful revenue and customer success stories to continue educate the rest of the market about what we do.
What advice can you offer companies in New York that do not have a fresh
injection of capital in the bank?
The clearer the story you’re trying to tell the easier it will be to have a conversation with investors. Never assume the person in front of you is capable of understanding the problem you’re trying to solve right away. Take it easy and walk them through what you do step by step.
Where do you see the company going now over the near term?
As the SaaS Security category is emerging, we will do anything we can to become the absolute leader and the go-to solution for organizations adopting SaaS applications.
What’s your favorite outdoor dining restaurant in NYC?
12 chairs in Brooklyn offers not only delicious Israeli food but also great atmosphere and kids-friendly conditions. Without kids, White Horse Tavern is one of the oldest pubs in NYC (since ~1902) offering all of my favorite wheat and IPA beers as well as great food.