The accelerating migration of corporate information beyond the data center has spawned a whole crop of startups hoping to fill the void where traditional perimeter-based security can’t reach that keeps growing at a steady rate. The latest entrant is San Jose-based Datiphy Inc., which hit the radar this morning after securing a $7 million funding round from Highland Capital Partners.

Among the venerable private equity firm’s more than 200 prior investments is Gigamon Inc., a provider of network management software whose co-founder and former top executive, Ted Ho, was tapped to head Datiphy last week. The appointment will help Highland Capital Partners ensure that its money is put to good use driving the adoption of the startup’s namesake platform.

Datiphy deploys monitoring agents to the various platforms where a client organization keeps its information as either self-contained virtual machines or local processes that transmit the details of every access request, change and addition to a central server. There, the logs are correlated and meshed together into an integrated picture of day-to-day activity.

That usage snapshot is continuously updated as employees go about their work to provide what Datiphy describes as an up-to-date benchmark of an organization’s normal operations against which its system compares every new event registered by its agents. Deviations – like, say, a sudden spike of requests to a database containing personally -identifiable information about customers – are flagged for the security department.

The startup claims that using an organization’s entire recorded information activity history as the security benchmark helps facilitate higher breach detection accuracy and keep false positives to a minimum. It’s also a lot simpler than traditional approaches since administrators don’t have to manually define the parameters of every single potential breach scenario in order for the engine to pick up abuse.

Violations are instead automatically surfaced in Datiphy’s management console, which comes equipped with a natural-language search engine that aims to help security teams investigate breaches without the usual digging involved in incident identification. That kills two birds with one stone, not only making it easier for organizations to understand the full scope of data compromises but simplifying compliance audits as well.

However, the biggest advantage of focusing on protecting the information itself rather than the environment in which it’s kept is that a company doesn’t need to be in full control of infrastructure in order to stay secure. As a result, Datiphy’s monitoring approach theoretically applies just as well to data stored beyond the immediate reach of administrators in the public cloud as it does to on-premise records.

Image via JavadR