Peace of mind for less than an office cleaner
Michael Gazeley enjoys fighting the bad guys. He's one of the best. Network Box, the company he founded in 2000 with business partner Mark Webb-Johnson, has won multiple international awards for the quality of its data protection, and security products and services. It has 24-hour service centres in 12 locations worldwide, protects more than 100 banks in the United States and enjoys an excellent reputation among peers.
They also, as Gazeley notes with dry humour, 'make profit the old way'. This is one new technology business graduate and entrepreneur who is singularly unimpressed by the misleading claims of many of his peers. 'I don't understand the MBA models, the creation of fictional value, the cashing in and running away, and I couldn't sleep if I did,' he says.
A case-hardened veteran of computer networks and everything harmful that can affect them, there is only one phenomenon which continues to perplex Gazeley: that so few Hong Kong companies take the threat of viral infection seriously.
'We set up Network Box with SMEs [small- and medium-sized enterprises] in mind - 98 per cent of Hong Kong companies employ fewer than 75 people. And they are the ones who stand to lose most from data attack.'
The business model was a no-brainer: an affordable, reliable, zero capital investment solution to data security and protection for even the smallest company. And Gazeley is not coy about pricing.
'HK$800 per month to protect a company with 10 staff,' he says. 'HK$1,800 for 25, HK$2,800 for 50, HK$3,800 for 75. There's no hardware to buy and no commitment to a multiyear contract - they can sign up for three months if they want. It's less than the cost of the office cleaner.
'Very few [SMEs] seem to take the threat seriously. Network Box sells very well to the large companies, who admittedly have a lot to lose through data infringement.'
If a large company - even a bank - has a data security issue it is embarrassing, costly, debilitating, but they're still doing business.
'For the small business though, the self-owned company where everything has been invested in that one product or idea - what happens when your security's breached and your three-year investment is suddenly on sale down the road? You lose everything - not just the business, but quite possibly your house and everything you own, too,' Gazeley says. One factor fuelling the relative complacency, he believes, is a widespread ignorance of just how quickly viruses have evolved in their ability to infiltrate and multiply at great speed.
Even among the large antivirus solution providers, he suggests, time to react can be far too slow.
'In 2000, it took about 20 hours for a virus to work its way around the world. By 2005 that had reduced to 135 seconds. Today, it's instantaneous.'
The virus writers utilise 'botnets' - networked computers already pre-hacked and accessible to them. When they have a new virus, they can hit critical mass in seconds. The response, however, can take hours, by which time devastating damage has already been done.
Network Box addressed the problem of defending against these attacks by conceiving a single appliance that contained all of the required technology: firewall; intrusion detection; intrusion prevention; multilayered antivirus, antispam and content filtering; automated periodic reporting in standard formats; and so on.
Then they went one step further and decided to treat it as a service rather than a device.
Engineers go on-site to help with the setup and familiarise new clients with the system. And engineering teams work worldwide around the clock to update and maintain all customer systems. As soon as a new virus or threat comes along, the required signature or security patch is pushed out to customers in seconds.
'Our clients receive over 1,000 push updates from us every day on average. We have the highest-speed, most up-to-date system on the market today,' Gazeley says.
The growth of peer-to-peer exchange and overlap of professional and private data on laptops has increased the exposure to data attack by orders of magnitude.
For example, executives using instant messaging to chat with their friends while reviewing budget documents in coffee shops.
That in itself seems not to trouble Gazeley unduly. It is possible to have the best of both worlds and still be secure - but only if properly planned and implemented, with professional and personal data kept well apart. It troubles him that he sees so little awareness among Hong Kong business managers of how fine the line between corporate and personal data is, where a P2P-using individual can be innocently opening the company's servers to intrusion from hundreds of millions of sources worldwide.
Gazeley continues to offer guaranteed data security to SMEs for less than the price of a clean floor, and if he's pleading with Hong Kong's small businessmen to take him up on the deal, it's not because he's in desperate need of their money. Network Box is thriving.
Most companies these days have mission statements. Gazeley has a genuine mission.
'I've always loved working with computers, always will. But what we're doing here is not only doing smart things with computers, we're actively helping people fight off the bad guys, and that has to be worth doing.'
Cyber threats to computer systems
There is an attack attempt every 2.9 seconds
There is an intrusion attempt every 12.3 seconds
There is an incoming virus attempt every 8.5 minutes
There is incoming spam every 23.8 seconds
84 per cent of all e-mails are infected with spam
57 per cent of all Web use in the workplace is not related to business
There are more than 63 billion Web pages to monitor
Source: Network Box: 2009 Threat Statistics