Since Hornetsecurity was founded, its sales have gone in only one direction – up. The company is looking to quadruple by 2021.
With an enormous annual growth rate of more than 50%, cloud security provider Hornetsecurity is the market leader in Europe and is now getting ready to enter the U.S. market. The company is the front runner not just in growth figures, but in technology too: Released less than one year ago, the latest product, Advanced Threat Protection, now protects one in every ten users against new threats. These successes have not gone unnoticed.
New investor climbs onboard
“In just one year, the company has developed a new product and successfully established it on the market,” states Hans-Christian Semmler, CEO of HCS Beteiligungsgesellschaft, a holding firm that has invested millions in the company. “Seldom have our analysts seen such fine-tuned workflows, processes and advanced technology,” he continues. Existing investors Verdane Capital and High-Tech Gründerfonds also back the company with sums in the seven-digit range. With these investments, Hornetsecurity will extend its global reach.
“The InvestImpuls funds have achieved their goals, establishing a strong security provider on the market that gives generous returns,” explains Dr. Bert Brinkhaus from EnjoyVenture, fund manager for the Hanover-based fund. As an early-stage investor, the company will now pull out, taking the capital it has generated to help another young technology company get off the ground.
Hornetsecurity already enjoys international success
Over 20 percent of new orders already stem from countries outside the German-speaking region, and the company is now looking to tap the US market to boost this figure significantly.
To prepare for this coming growth, Hornetsecurity has already doubled its staff within one year. “We are well prepared,” says Daniel Hofmann, Managing Director of Hornetsecurity. The aim is to increase the technological lead over the competition. “With this additional staff we want to speed up the development of our current 14 technology projects,” explains Hofmann.
Hornetsecurity is celebrating! Founded under the name antispameurope ten years ago, the company has been considered as the absolute expert and pioneer in the area of cloud security for many years. Since 2007, Hornetsecurity has genuinely set a record for vertical ascent: The company has now expanded to more than 100 employees and secures data traffic for more than 35,000 companies in over 30 countries worldwide, including numerous renowned names like Dekra, Melitta or Konica Minolta.
It’s a success story made in Hannover, Germany: When Daniel Hofmann and Oliver Dehning founded the company in the summer of 2007, they gave the starting signal for a company that today plays a major role in the German IT security landscape. With a wide range of products in the area of email and web security, Hornetsecurity provides its customers with comprehensive security. The high quality of the solutions combined with an excellent service concept practiced by all employees has meant that the company has been able to enjoy two-digit growth figures for years.
This success should increase even more over the coming years. To this end, Hornetsecurity is steadily investing in new products and markets. But first comes the celebration: Hornetsecurity has invited sales partners, investors and company friends to join them over a period of two days. Visitors will have the opportunity to tour the offices at an open house before a celebration of the company anniversary in the evening, together with employees. Hornetsecurity will hold the Partnerdialog on the following day, an sales partner event which once again promises to have a record numbers of participants. Since the company was founded, the annual event has served as a springboard for intensive information exchange with the sales partners.
“We are very proud of what we have built up over the past ten years,” says Daniel Hofmann, one of the founders and managing directors of Hornetsecurity. “But this still doesn’t mean we can rest on our laurels. On the contrary: We also want to develop Hornetsecurity into one of the most important security providers on the international IT market.”
Security has become a major issue for everyone by now. Be it security in your own country, at home, or in daily communication via the Internet. When we feel safe, we can go about our lives without worries. When it comes to daily communication via the Internet, the word “encryption” is frequently heard. Does encryption really provide protection against curious pilferers, or does it merely give us a feeling of safety while cybercriminals use it as a hidden back door?
Encryption explained in simple terms
The encryption of Internet connections has apparently been well received by the public for years already: according to Google, 80 percent of all websites are already protected. Many messaging services also now rely on encrypted communications. But how are data streams encrypted in the first place?
Explained in simple terms: The term SSL/TLS encryption is often mentioned in relation to this topic. Laypersons do not necessarily understand what this means. The term here refers to transport encryption. This means that the data itself is not encrypted, but is transmitted through an encrypted channel. Before the message is transferred, the communicating servers agree on an encryption standard, also referred to as the Cipher Suite. Consideration is always given to the mutually highest encryption standard for the negotiation. The goal is that only these two servers can exchange data with each other.
Whether or not a website offers this kind of transport encryption has been easy to determine ever since the secure hypertext transfer protocol was introduced: If the URL starts with an “https:”, the website is encrypted. Other indicators are a lock and the green mark. If, for example, a user logs onto a website as shown in the displayed image, the entered data is forwarded to the destination server via an encrypted channel that confirms the correctness or the identity of the user.
SSL and TLS – which is which?
TLS is the successor to SSLv3. The slightly improved TLS 1.1 version has, however, not been successful on the market. The significantly more relevant 1.2 version, which Hornetsecurity has already been supporting for years, offers decisive added security value with, among other things, Perfect Forward Secrecy (PFS) and the corresponding Cipher Suites (Elliptic Curve, Diffie Hellman), given appropriate and secure server configuration. Hornetsecurity can even restrict TLS communication to Secure Cipher Suites and Trusted Certs to raise the security level even higher.
The 1.3 version of TLS can currently be viewed as a working draft at https://tools.ietf.org/html/draft-ietf-tls-tls13-11. This version is expected to include major changes and improvements in the cryptographic hash functions and the handshaking protocol. From a security point of view, it will be good if TLS 1.3 is distributed more quickly after final release than was the case with TLS 1.2, which has been available since 2008.
The back door for malware?
Data streams encrypted via TLS/SSL thus cannot be viewed by third parties, which makes sense after all. On the downside, this allows the undetected transmission of malicious code, since there is no intrinsic analysis for malware.
To counteract this, so-called SSL scanning can be used. Here the connection is interrupted and a fake server certificate, by which the target server is authenticated against the user’s server, is implanted. This approach is comparable to a man-in-the-middle attack. The problem with this method is that third parties can read the unencrypted content. To ensure the browser does not take this as an attack, a one-time incorporation of the root certificate of the runtime-generated certificate for the requested website in the browser’s trust store is required. This is done automatically in large companies via software distribution. SSL scanning or “https breaking” may constitute a conflict between data security and data protection. If companies intend to use SSL scanning, therefore, they should protect themselves legally in advance.
Very often companies do not use this method of analyzing encrypted connections. On the one hand, for reasons of data protection; on the other hand, the computational effort required has till now been too high and too costly. In recent years, however, the overhead (computational effort) incurred by encrypting and decrypting the data, as well as negotiating the connection parameters for TLS, has been drastically reduced by targeted hardware and software measures.
Originally at a level of up to 20 percent, today, given appropriate configuration, it is in the low single-digit percent range, for example with CPU surplus load.
On the hardware side, more powerful CPUs complemented by appropriate computing operation units (e.g. for AES) are now standard for servers, enabling many decryption operations to be executed in parallel and in a high-performance manner.
Many global software libraries have now enormously accelerated the decryption and reduction of network latency, which, given appropriate server configuration, can significantly reduce the overhead.
The website categorization used in the Hornetsecurity web filter is a secure alternative to SSL scanning. It deliberately refrains from breaking up the encrypted channel, since the fine-grained classification of the websites helps minimize the risk using appropriate policies. All the websites are classified into categories. The basis for this is the user-accessible content on the website. Assigning a website to a category gives it a sort of rating. This rating provides information on whether or not it is a safe website. Based on this rating and the preconfigured policies, the web filter service either blocks the requested website and the user receives a warning page, or it is delivered and displayed.
With the help of the categories and other features, company compliance policies can be implemented at both the user and group or enterprise level. This allows administrators to block certain content or allow the use of social networks only during the lunch break. Hornetsecurity also offers its customers SSL scanning as a supplement to its comprehensive web filter service. IT administrators can activate it on their own.
Encryption is positive and recommendable, in principle. The security aspect, however, should not be neglected, as encrypted connections do not automatically guarantee protection against malware. Encryption poses a threat to companies only when this aspect is given little or no consideration.
It is therefore advisable to regularly examine the encrypted connection and develop a watertight security concept.
While web filter categorization provides options for protecting web traffic even when using encrypted connections, the “https breaking” method can also be used on request. Hornetsecurity offers both methods. Most customers make rather sparing use of SSL scanning, since the fine-grained categorization described above provides significant added value.
Curious? Additional information: