Database security startup IPLocks has clinched $11 million in Series D funding as the vendor plans to expand its global operations and exploit compliance initiatives around the world.

The Series D, which brings IPLocks' total funding to $23 million since 2002, was provided by a group of institutional and individual investors. Ron Radcliff, the startup's vice president of business development, however, would not reveal the identity of these backers.

But Radcliff was a little more forthcoming on what the firm will do with its cash influx. "What we're doing is expanding our field sales support. We're also enhancing our marketing awareness campaigns," he says, adding that the firm's R&D efforts will also get a boost.

The startup's flagship offering is its Database Security and Compliance software, which aims to lock down database information through user monitoring and auditing. The software runs on either a Microsoft Windows or Linux server attached to a user's database server.

According to IPLocks, the software works across all major database platforms, including IBM, Microsoft, Oracle, Sybase, and Teradata. The vendor has already racked up over 130 customers. These include some big names, such as Ernst & Young, NEC, and Western Corporate Federal Credit Union.

Last year IPLocks expanded its presence in the Asia-Pacific region, announcing a reseller agreement with Decillion Solutions Group, which is part of NEC, and Radcliff says that the firm will now refocus its transatlantic efforts. "We're beginning to expand our operations in Europe. Currently we're mostly U.K.-based."

But IPLocks is not the only vendor playing in the database security space. Fellow startup Imperva, for example, recently clinched $17 million in second round funding to support its own security efforts.

Imperva, however, takes a different approach, relying on its own SecureSphere family of appliances to monitor database traffic. (See Imperva Pushes Database Security.) Another startup, Guardium, also offers specialist hardware. (See Security Fears Draw VC Bucks.)

A key selling point for IPLocks, according to Trish Schaefer Reilly, the startup's vice president of marketing, is that the vendor can operate without installing an agent on the database servers. Instead, the IPLocks software accesses the databases as a "read only user."

Although IPLocks also offers agents that can be installed on devices, Schaefer Reilly told Byte and Switch that 90 percent of the firm's customers prefer the simplicity of the agentless approach.

The idea here is that, by avoiding the use of agents, users can side-step the hassle of issuing patches and software upgrades throughout their infrastructure. That said, some users have already expressed a preference for security in dedicated hardware. (See Microsoft in Whale of a Deal.)

Either way, database security is fast becoming big business. The SANS Institute, for example, recently listed online database attacks as one of its Top 20 most critical Internet security vulnerabilities, which reflects the recent trend toward data-targeted exploits, in which criminals steal user information rather than funds. (See SANS Exposes 'Safe' Technologies.)

Database issues have even led to high profile security flaps at the FBI and the White House, underlining the importance of locking down critical data. (See FBI Flap Highlights Security Challenge.)

Additionally, the advent of regulatory requirements such as Sarbanes Oxley, and similar legislation in countries such as Japan, appears to be paving the way for security startups. (See Users Splash Cash on SOX, Gartner: Sarbanes Struggle Continues, and CA's Clarke: SOX Driving IM.) "Regulatory requirements are kicking things into overdrive," explains Schaefer Reilly. "We want to make the market much more concerned about securing their databases and about data protection."

The San Jose, Calif.-based vendor, which currently has around 65 employees, will also be looking to increase the size of its workforce, according to Schaefer Reilly, although she would not say by how much.

— James Rogers, Senior Editor, Byte and Switch

Organizations mentioned in this article: