DataGravity, a startup that aims to secure corporate data where it is stored, is getting out of the hardware business and will focus on providing software that runs on other vendors’ storage arrays.
The company will continue to support current customers who bought the software as part of a storage array, according to chief executive Paula Long. She acknowledged there will be some job cuts associated with this move, but declined to provide details. The Nashua, N.H.-based company had some cutbacks last month.
Update: Long blogged about the company’s course change here.
“Customers want our security and our insights about their data but they don’t want it tied to a particular array,” Long told Fortune in an interview Monday morning.
The alternative is for them to buy DataGravity’s software and run it on third-party storage boxes from EMC (EMC), NetApp (NTAP), or IBM (IBM). Long said other storage companies have expressed interest but did not provide names.
Get Data Sheet, Fortune’s technology newsletter.
Long is a respected storage veteran. She co-founded EqualLogic in 2001 and sold it to Dell seven years later for $1.4 billion.
DataGravity Defends Stored Data
DataGravity’s pitch is that while most companies have focused on shoring up security at the firewall, at the desktop, and on the network, they’ve neglected the actual data stores themselves, which is a potentially fatal flaw. After all, much of a company’s worth lies in its data, whether it’s trade secrets or customer names or accounting information. And threats to that data can come from outside via a hack attack or from company insiders. In the latter case maybe a disgruntled employee accesses corporate data, saves it to a USB stick, and walks it out the door.
As Long has said in the past, the company’s software “watches” how users interact with storage. It can assess, based on normal activity, if someone is taking a long time writing to that data trove. (In storage speak, a “write” operation happens when data is stored to the disk or flash storage media for safe keeping, while a “read” is when that data is accessed.)
For more on cybersecurity, watch:
An abnormally long write session could signal a CryptoLocker attack. Such attacks worm their way into a company’s data store and encrypt it. Then that data is held for ransom. If DataGravity’s Discovery notes such prolonged write activity, it can protect that storage and also make it easier to figure out who is behind the CryptoLocker.
The company has $92 million in funding from Andreessen Horowitz, Accel Partners, General Catalyst, Charles River Partners, and others.
This news makes sense given the state of the storage hardware market. Sales of hardware arrays from EMC, NetApp, IBM and others are under pressure, according to IDC and other researchers. A key factor is that data is flowing to big cloud storage providers like Amazon (AMZN), Google (GOOG), Dropbox, and Microsoft (MSFT).
Note: This story was updated at 11:12 a.m. EDT to add context around the struggling storage hardware market and again at 1:36 p.m. with a link to Paula Long’s blog post.