Skip to main content

Computer crime conceptscyther5/Getty Images/iStockphoto

There aren't many teams that have had repeated success building up and selling valuable tech companies in Canada together.

So when John Seminerio, Paul Terry and Adam Lorant embarked on their latest venture, Vancouver-based data security company PHEMI, they had little trouble lining up financial backers.

"Hands-down, our investment was a team bet," said Mike Satterfield, general partner of Yaletown Venture Partners, which invested as part of a $2.8-million seed round in 2014 and again in a $12.2-million Series A round last month.

"It's a great story of entrepreneurs doing it again and doing it together," said Dion Madsen, senior managing director of Business Development Bank of Canada's Healthcare Venture Fund, another backer.

The trio – who are PHEMI's chairman, chief executive officer and vice-president, product and solutions, respectively – worked together building and selling OctigaBay Systems and Abatis Systems Corp. (the latter two were also early employees at Newbridge Networks) and have obviously built up a lot of trust in each other. That's good, because their latest venture is built around a rather different premise: Trust nobody.

On Tuesday, the startup officially launched its first major product, Zero Trust Data. The software offering is intended to help solve a huge problem in the era of big data and cloud computing: how to keep all of that sensitive private information away from the prying eyes of sophisticated global data thieves, who have illegally accessed hundreds of millions of records at major retailers, hospitals and government departments the world over.

PHEMI's approach is not to build big firewalls around an organization's digital data banks – which have proved to be alarmingly porous – or to deploy sophisticated sentinel-like programs within corporate systems to hunt down and neutralize malware, as U.S. data security firm FireEye Inc. has done.

"We don't rely on the network to give us security and we don't rely on the servers to give us security," Mr. Terry said. "We build security into the data itself. And so we don't allow anybody to see the individual pieces of data who's not allowed to. This is pretty much a revolution in big data."

Instead, PHEMI's software acts like an individually wrapped firewall around every single piece of sensitive data in an organization's digital vaults, whether it's Word documents, patient X-rays or gene sequences (the health-care industry is a primary target, along with financial institutions).

It is a piece of "metadata" code, based on the Accumulo algorithm developed by the U.S. National Security Agency, that users must get past before gaining access to the underlying sensitive data.

Think of it like a digital customs agent standing before each piece of data. Each user has to present a series of "attributes" to prove that he is allowed access. For example, the Zero Trust Data code can assess the credentials of the person who is logging in, whether he is accessing the data from a computer physically located within the premises of the institution, whether he is doing so during set, permitted hours, and so on.

The Personalized Medicine Initiative at the University of British Columbia's Life Sciences Institute has signed on, with more customer announcements coming this year, the company said.

The team at PHEMI is in a race to compete against others in the big data space – a market estimated by International Data Corp. to be worth $41.5-billion (U.S.) by 2018 – but Mr. Terry said the experience and familiarity of the team give it an advantage: "We come from a supercomputing background, our first 10 people were in [prior company OctigaBay, which sold to Cray Systems in April, 2004], and you have to understand how scale works. We've done this in the past."

It's an argument that PHEMI's early, all-Canadian backers, including the CTI Life Sciences Fund and the B.C. Discovery Fund, embrace. "What we liked about the company from the beginning was the bringing together of a very experienced management team who actually understood how to build a company against a very significant need," Mr. Madsen said. "I didn't clearly understand [the opportunity] when they first told me. Then I realized they were on to something here."