The local community bank or credit union must comply with the same federal and state regulations that a company like CitiGroup must comply with, and yet they don't have the same IT resources or budget to do that. A recent survey by the Small Business Technology Institute showed that two-thirds of small businesses in the U.S. don't have an information security plan in place, and more than half experienced a security breach. Smaller customers tell us they don't have risk compliance teams on staff as larger companies do, and the complexity behind the rules and regulations is something they want to be turn-key. And so we've designed our CI-750 appliance to meet their needs. We made several dozen policy templates that use plain English. They're called California 1386, PCI DSS, GLB, HIPAA, and so on. A lay person who does double duty as compliance officer and IT administrator in a small credit union doesn't necessarily have the time to read through and understand all the details of these regulations, so we make it very easy for them. They also want the appliance to be very easy to use. Describe the specifications of the technology.
The CI-750 is an entry-level solution for small offices or branch offices with about 50-250 users. It protects sensitive data from leaving the network by monitoring content flows and automatically enforcing protection policies to log, alert, retain, block, encrypt or re-route transmissions across all popular Internet communications channels -- email, Web, IM, FTP, WebMail, blogs and wikis -- and all popular WebMail services including Google Gmail, MSN Hotmail, AOL Mail, Windows Live Mail and Yahoo Mail. It uses the same software as Code Green's mid-sized appliance (CI-1500) with a scaled-down hardware platform that keeps the price under $10,000. You've marketed Code Green as a pioneer of deep content fingerprinting and you've put out a whitepaper on the subject. How does it work?
During content registration the unique content fingerprints are sorted in the content fingerprint database and can be designated as either RedList or GreenList fingerprints. RedList fingerprints register confidential content that is to be protected. The GreenList contains fingerprints of non-confidential content that are not subject to protection. Greenlisting improves the efficiency of the appliance by dramatically reducing the incidence of false positives. Authorized users can perform a RedList crawl to register confidential content, or a GreenList crawl to register non-confidential content. Later, when a user attempts to transmit information, the transmitted information is fingerprinted and then compared to the fingerprints stored on the RedList and GreenList. Let's talk about your hopes for Code Green in the face of all the consolidation we've seen in the IT security market. Is there a scenario where you'd be willing to sell Code Green to another company, or is the goal to stay independent?
We've raised $32 million in equity so we have a couple venture partners with significant ownership in the company as well as board representation. As a group we would do what's best for the stakeholders, including the employees. In the short term, though, our obvious plan is to keep growing as an independent company.