Two-year-old data access management startup Dymium Inc. is emerging from stealth today with $7 million in seed funding and a data protection platform that works at the data element level, eliminating the need for duplication.

Founded by three data security veterans, Dymium’s premise is that data should be accessed only when needed, in the right context and format, and without the burden of managing another data environment or duplicating data.

The company calls its product a “session-aware data security platform that can get any user or application the data in real-time in the format desired.” Security and compliance policies are dynamically applied during access to ensure that users and applications only see what they’re authorized to see. Data access policies and transformations are applied in transit to eliminate the need for copies.

‘Ghost data services’

Dymium uses “ghost data services” to govern how data is presented. “Our platform contains no data,” said Chief Executive Denzil Wessels. “When people access the data through ghost databases, we display the data in real time, including all the transformations and everything that needs to be around data. Think of it like a hardened security front end for data services.”

Traditional data protection platforms store copies of data for purposes such as backup, versioning, ransomware protection, and archiving. Dymium maintains that these practices compromise security by encouraging the proliferation of duplicate data. It establishes identity using zero-trust principles and sets access privileges accordingly.

The platform redacts, masks or replaces data with synthetic information down to the individual data element. It also classifies data elements based on their level of sensitivity.

Context-aware

Wessels said the engine is context-aware. “Before we ever open the door to data, we understand who the user is, how they’re behaving and what they’re trying to access,” he said. “We can make a determination on what data they should get based on all of these attributes.”

An underlying machine learning engine can be trained to understand regulatory guidelines in certain industries, such as healthcare. “We can tell in real-time exactly what’s governed by different regulatory compliance bodies and ensure that you never violate the compliance rules that have been set around your data,” Wessels said.

The Dymium platform can be delivered as a service or as packaged software in binary form or inside a Docker container. The CEO said installation typically takes less than an hour. The company has already signed several customers in the healthcare, financial, and defense industries.

“We’ve been trying to stay as quiet as we can until we had a product shipping,” Wessels said. “We’re at that stage where customers can put it in production, so that’s the exciting part.”

Two Bear Capital Operations LLC contributed $5 million of the funding, with another $2 million from angel investors.

Image: TheDigitalArtist/Pixabay