Hiding in plain sight
KOM Networks protects data for governments and businesses
Richard Bray
Wednesday, October 18, 2006
Every family guards its secrets, but the Shaaths of Kanata have trillions of them. KOM Networks, their family business, makes software that protects vast amounts of data for businesses and governments around the world.
The company pioneered its storage and archive product lines in 1983, when the University of Western Ontario needed to archive a gigabyte of data to the giant 12-inch platters in old hard disks. "Today," said Al Shaath, KOM Networks' senior vice-president, "people carry a gigabyte of data or more in their pockets on flash drives or on their mobile telephones."
CREDIT: Bruno Schlumberger, The Ottawa Citizen
From left are KOM Networks' chief technology officer Kamel Shaath, senior vice-president Al Shaath and CEO Taher Shaath.
In the years since that first venture, KOM Networks has sold its archiving software to major government organizations such as Statistics Canada, the U.S. National Aeronautics and Space Administration and the U.S. Federal Elections Commission; to financial institutions such as Bank of America, VISA, Deutsche Bank and HSBC; and to multinational companies such as Black & Decker, Lego, Nestle, and Daimler Chrysler.
"Between your house and the local supermarket, you probably pass by the products or services of about 100 KOM Networks customers," Mr. Shaath says.
A common denominator for many of those customers, he says, is the what-if scenario.
"What if somebody gets access to their records?" he asks. "They are very aware of incidents where backup tapes got lost or hard disks went missing, and they want to know what happens then."
In fact, they may have a problem, he says, because most "front-end" applications performing tasks such as e-mail archiving, document management or health information management do a very good job protecting the information within the context of the application, but the controls are lifted once the data they produce (are) stored on a hard disk.
"In the design of the software package, they may never have thought about accidental loss, so no matter whether it is on the local hard disk or a server or a storage area network, it is basically free to grab," he said.
For that contingency, customers typically add an additional level of protection in the form of encryption.
"The flaw in that is the fact that everything that can be encrypted can be de-encrypted," Mr. Shaath said. "It may take you a very long time to get at the data, but it can be done."
Privacy is not just about controlling who can view the record, he says. It is also about preserving that information.
"Once you think you have handled the security aspect and handed the data over to the operating system, a junior person or a high school student hobbyist can go in there and destroy the files. That is where KOM Networks comes into play."
KOMpliance, the company's flagship product, prevents intruders or unauthorized personnel from viewing the file. Anyone looking at the hard drive, partition or network share who is browsing to see what files are there sees nothing.
"Basic human psychology says that if you look in a box and it's empty, you stop searching in that box," Mr. Shaath explains. "The same logic applies to an automated search because, once the attacking software gets a zero answer, it either moves on or stops running. It's that simple. Standard system tools will not allow you to browse the folder, so even if you used a DOS command prompt, you wouldn't see anything. Our application has the absolute path to the file, so yes, you can read it."
Corporations and governments are increasingly governed by strict regulation and compliance rules, but are unwilling to sacrifice the performance and speed benefits technology has brought to their organizations.
"If you go through the whole history of our product line, the basic requirement of our customers has been archiving," Mr. Shaath recalls. "Lack of storage space was the main concern when our product came out, but as time went on, storage hardware performance became the focus."
Then the corporate malfeasance at WorldCom, Enron and other companies changed the data storage world and regulations became the driving force. The regulations had always been there, Mr. Shaath says, but they weren't really being applied to electronic documents.
For content and document management, e-mail archiving, financial, health-care and medical applications, the KOMpliance range of solutions provide everything needed to archive data. The solution is preinstalled, preconfigured and ready to add to the network. KOM Networks says its product can be installed in less than 30 minutes without downtime or special expertise.
The KOMpliance system can archive data from 250 gigabytes, an amount that might be found in a single high-end computer, all the way up to 500 petabytes. (A petabyte is 1,024 terabytes; a terabyte has about trillion bytes.)
"We provide high-end storage for uses like data warehousing, life sciences, streaming media, and geophysical applications in the mid-sized data centre," Mr. Shaath says. "Part of the appeal of our solution is that we are affordable for the small to medium-sized business or department within a business, but we have the power to scale up to the biggest enterprise. One of our biggest sources of business is Hewlett-Packard, because we fill a spot in their mid- to small-market product line."
A typical sale might be about $20,000 and, unlike other software packages -- which are sold by individual licence or "seat" -- KOMpliance is priced by storage capacity.
About 80 per cent of all KOM Network sales are final, says Mr. Shaath, because they do not hear from customers again until they need to expand or adapt their systems. "They forget that we exist because the product works seamlessly in the background, and unless you describe the box, they may not remember us. We really are a back-end storage and archiving solution."
The CEO of KOM Networks is Al's father, Taher.
"Originally refugees from Palestine, we immigrated to Canada as a family in 1989 and acquired KOM in 1991," he said. An accountant by education, Taher says, "I may not know the details of the IT side, but I do know how to run a business and keep an eye on the financial side."
With a degree in computer engineering, Al's brother Kamel is the company's chief technical officer. There is also a third generation of Shaaths, but they are not yet old enough to think about careers in the company.
KOM Networks has been doing the arduous work of protecting the technology it has developed, and holds about 11 patents in the United States and Canada.
"We have certainly developed some of the most innovative techniques in the archiving industry and we are proud of that," Al Shaath says. "The company also received the Microsoft Excellence Award for Infrastructure Solutions and Storage this past summer, which was an honour, and we received the Certified Gold Partner status with Microsoft soon after that."
The future looks bright for archiving, says Mr. Shaath.
"As individuals and as institutions, we accumulate more information and we want to keep that information available. That means more archiving," he says. Looking at a single example, he cites the rise of digital ultrasound technology that generates large files that hospitals and companies in Canada and the U.S. may be required to keep, and keep confidential, between 18 and 21 years. "When you think of how many babies are born, you can see it is a growing market," Mr. Shaath says.
KOM Networks has built a successful business, but with a staff of 30, it is competing against giant multinational corporations such as EMC, IBM and Hitachi Data systems.
"We have limited resources," concedes Mr. Shaath, "so mergers and acquisitions have crossed our minds. But we don't want to sell and walk away. We are looking for a deal that would allow us to continue carrying the torch and take the company to the next level."
Source: © The Ottawa Citizen 2006