In the modern, mobile- and cloud-based world, IT departments are no longer in control. Bitglass has a way to deal with that.

“The corporation doesn’t own the network, they don’t own the apps, and they don’t own the device,” Bitglass vice president Rich Campagna says.

Bitglass addresses that panic-inducing reality by inserting itself between employees’ apps and your corporate servers, ensuring that every communication is monitored, encrypted, or redacted — whatever the IT policies require.

Bitglass, founded in 2013 by serial founding CEO Nat Kausik and a trio of experienced engineers, seems to be on a fast track. It just raised $25 million in a second round of capital, bringing its total to $35 million.

With just 40 employees currently, Bitglass is planning to ramp up quickly, growing sales, marketing, and technology development functions. It is already generating revenue from subscription fees (typically $5 to $10 per user per month), and says that it has customers in “every major vertical industry,” although it won’t disclose how many customers it has.

An example illustrates how Bitglass works: If you log in to your account from a brand-new iPad, Bitglass can make sure that communication happens through a protected channel, encrypting any documents that are particularly sensitive so they can be read only by you. If you try to forward an encrypted sales presentation, recipients won’t be able to read it unless they have your password.

Or, suppose you download a customer file. If your IT people have set up a rule to black out social security numbers, you might be able to get the customer list — minus the SSNs.

The company also provides a dashboard to those IT folks, showing what kinds of activity is going on — including monitoring usage of Google Apps, Box, Dropbox, and the like.

Bitglass gives IT administrators a dashboard for monitoring application activity for cloud and mobile apps.

Above: Bitglass gives IT administrators a dashboard for monitoring application activity for cloud and mobile apps.

Image Credit: Bitglass

In contrast to old-style virtual protected networks (VPNs), Bitglass doesn’t require employees to sign on to a protected channel before they can use their networks. It just springs into action whenever they connect to a protected server or service.

“Our job is to eliminate security as a barrier to adoption of the cloud in the enterprise,” says Campagna.

For instance, Bitglass can even enhance the security of something as basic as email. When an employee logs in to the corporate Gmail account by visiting, Google first verifies the identity of that employee using a single sign-on service. Instead of redirecting the employee back to, a Bitglass-enhanced authentication service would redirect the employee to a proxy server managed by Bitglass. That server then imposes whatever security requirements the company’s IT department has, on top of Gmail itself.

The funding comes from SingTel Innov8 (Innov8), a corporate investing subsidiary of the SingTel Group, a Singapore- and Australia-based telecommunications company. An unnamed “large global bank” is also participating, as are existing investors NEA and Norwest. Scott Sandell, a general partner at NEA, will join the Bitglass board.

Bitglass is based in Campbell, California.