PlainID is a company that provides business and admin teams with a simple and intuitive means to control your authorization processes. To learn more, Pulse 2.0 interviewed PlainID’s co-founder and CTO/CPO Gal Helemski (she/her).
Gal Helemski’s Background
Gal Helemski’s entrepreneurial journey started while she was a member of the Israeli Defense Force — just like it did for many other Israeli entrepreneurs. Helemski said:
“I worked as an instructor and system developer for the Mamram, IDF’s primary computing unit. I really enjoyed my job and wanted to remain with it since technology appealed to me. After finishing my national service, I began working for MEMCO, one of Israel’s earliest cybersecurity businesses. I eventually moved on to CyberArk, another cybersecurity firm, after it was acquired.”
“As I progressed through my career, I continued my learning journey and felt tremendously fortunate to work with and absorb as much as I could from such talented individuals. I was always intrigued by cybersecurity, so I made a conscious effort to deepen my knowledge on the topic, which resulted in opportunities to work with some of the biggest corporations in Israel as a cybersecurity consultant with a focus on Identity and Access Management. This hard work eventually led me to co-found PlainID.”
Formation Of PlainID
How did the idea for PlainID come together? Helemski shared:
“After directing various identity and access management installations and working with multiple businesses, I became aware of a need in the IAM market. At the time, Oren Harel, the co-founder of PlainID, was the deputy CISO at the biggest bank in Israel, where I was working. We made the decision to collaborate to create a solution for the significant IAM market gap that many businesses were facing.”
Favorite Memory
What has been your favorite memory working for PlainID so far? Helemski reflected:
“I think the story regarding our seed round is very intriguing. Our funds at the time were running low because we were self-funded. Our first term sheet came when we were looking for funding, and the amount we received was more than we had anticipated, which was quite exciting. To finish the transaction, we traveled all the way to Silicon Valley, but we both felt there was something off about the situation. My co-founder Oren began to insist that we should abandon the offer, but with no money, having already celebrated the term sheet with the team, and being stranded in the airport with no way to get out, we were in a precarious situation. We decided to back out of the agreement and divert to New York, where we had alternative options.”
“There we had a presentation to make to the IT department of one of the biggest financial institutions, and we would receive the term sheet if we succeeded. We prepared for the Monday meeting all weekend, and the result was incredible.”
“On the 43rd floor of their building, we gave a presentation to 20 tech experts, and by the time we got back to Israel, the term sheet was waiting for us. This whole experience taught us that sometimes you must trust your instincts and take risks to achieve success.”
Challenges Faced
What challenges have you faced in building PlainID and has the current macroeconomic climate affected your company? Helemski acknowledged:
“Building a startup, especially in a very technology-oriented space, is challenging. Additionally, the Authorization space is still shaping itself as organizations realize its importance in identity first security and zero-trust programs. Therefore, the main challenge was first education, bringing this topic to the awareness of the main stakeholders. And then explaining the how and the path to get it right.”
“As with any other IAM-related solution, this is a process. It starts by laying out the groundwork to support current new apps and deployments, gradually looks back on legacy, and supports any future growth.”
Core Products
What are PlainID’s core products and features? Helemski explained:
“PlainID’s Authorization Platform is an enterprise-ready SaaS platform that secures the connection between identities and digital assets. It provides the means to display, manage and enforce access and authorizations across the enterprise technology stack. In a way it completes the IAM cycle: Identity, Authentication, and Authorization. PlainID adds a policy layer on top of identities, groups and roles to better define and control the connection between identities and digital assets. It enables implementing Identity-first security initiatives, such as zero trust across homegrown applications, APIs, data, and microservices.”
“With the platform, enterprises can achieve centralized policy management within a distributed enforcement architecture. Powered by a strong Policy-Based Access Control (PBAC) engine, the platform allows enterprises to easily craft policies at the business level that define who can access what while connecting all types of identities (workforce, customer and third parties) to digital assets.”
Evolution Of PlainID’s Technology
How has PlainID’s technology evolved since launching? Helemski noted:
“We constantly strive to offer innovative identity and access management (IAM) solutions. We want to improve this field and are taking several steps in that direction.”
“Initially, we focused on the authorization gap in applications. We noted many organizations are leaving authorization in the hands of the developers and missing the required management, visibility, and control aspects, which are so important in this area. This has soon evolved to our Authorization platform, which provides wide coverage for both the management and engineering needs in the authorization space.”
“Later on, we recognized a significant gap in current B2B IAM solutions for businesses that rely on external users to grow. For it to be effective, partners require appropriate access controls and delegated management tools. The solution must be in line with the current partner onboarding and offboarding procedure as well as with partners as businesses rather than just single individuals. Therefore, this is one crucial area we began addressing with the launch of the Delegated Authorization Management product module.”
“Simplicity was always a target, challenging as it is in this area. Next, we came up with the concept of ‘PlainID Authorizers,’ which are ready-to-use, technology-specific components that enable authorization enforcement in Applications, APIs, Microservices, and Data. Those authorizers provide a low-code approach to the authorization challenge many organizations are facing today.”
“We are now focusing on a plug-and-play approach for managing authorizations across SaaS applications, providing both the automatic discovery, instant visibility, and granular control of the organizational digital assets.”
“Overall, we have made major strides in introducing our technology to prominent sectors like financial services, government, healthcare, and insurance firms. Our solution platform, key alliances, and Authorizers all contributed to the over 40% increase in global customers. This increase in revenue reflects the company’s ongoing development as an acknowledged authority in authorization.”
Significant Milestones
What have been some of PlainID’s most significant milestones? Helemski cited:
“The first significant milestone was the introduction of PBAC (Policy Based Access Control) to the market. Up until then, most organizations were struggling with role management (RBAC) and where all the attributes are (ABAC). PBAC presented a simpler yet holistic approach that enabled organizations to build on what is there, leverage their significant investment in IAM, and build a simpler path looking forward.”
“We have launched the industry’s first Authorization-as-a-Service Platform powered by Policy-based Access enabling Identity-First Security while also strategically expanding its global sales and marketing team and growing revenue over 50%.”
“With our late 2021 $75 million in Series C funding, PlainID increased its go-to-market (GTM) strategy, sped up product development, and helped a lot of businesses securely regulate, administer and control who may access assets throughout their digital landscape.”
“Additionally, the business introduced pre-built PlainID Authorizers, which offer authorization for API Gateways, microservices, and data lakes as well as access control for crucial authorization enforcement patterns. We followed this by announcing The PlainID Technology Network: Designed in collaboration with PlainID partners, the Network makes cutting-edge technology from PlainID available to businesses all around the world to help them safely transform authorization and access control. In addition, PlainID received three awards in 2022: ‘Best Solution – Identity & Access Management’ in the CDM Global Infosec Awards, ‘CDM Infosec Innovator’ recognition, and finalist status for the Black Unicorn award.
Customer Success Stories
After asking Helemski about customer success stories, she replied:
“One of our first victories in the US is one of my favorites. We participated in an RFP as the underdog. At the entering point, we had the lowest score and a very small market presence. In response, we developed the notion of a dedicated team that turned a 5% possibility into a complete success. After we received our response, we found out much later that they didn’t even want to see the other contenders. We succeeded because of our upbeat attitude and outstanding product. This triumph helped me understand the importance of communicating with customers on every level and the immediate impact their opinions have on our product development.”
Funding
After asking Helemski about the company’s funding, she revealed:
“With its late 2021 $75 million Series C funding, PlainID strengthened its go-to-market (GTM) strategy. This includes accelerating product development and helping multiple enterprises securely manage, regulate, and control who can access assets across their digital landscapes. This strategy came to fruition with the company’s summer deployment of the first Authorization-as-a-Service platform in this industry.”
Total Addressable Market
What total addressable market (TAM) size PlainID is pursuing? Helemski assessed:
“Authorization management and control is a challenge for any business. However, as in many IAM cases, large enterprise organizations would be the first adopters. PlainID is currently focusing on cross-vertical enterprise-level organizations, ranging from financials, insurance, healthcare, tech, and more.”
“Authorization is an emerging category within the IAM space. While PlainID is one of a handful of independent companies that specialize and focus their offerings on Authorization, we stand out amongst the crowd because our technology powered by policy-based access control (PBAC) is designed to meet the scale and performance requirements of the largest multinational enterprises.”
“Our technology offers both the business procedures necessary to enable the management of authorization policies and a solid technical solution. It’s crucial to keep in mind that technology by itself is insufficient, especially in our field of expertise. The lifecycle management, approvals, investigation, governance, and other significant processes, among others, are essential components of the system. Our product stands out because it comprehends the business process and offers extensive technical coverage.”
Differentiation From The Competition
What differentiates PlainID from its competition? Helemski affirmed:
“We distinguish ourselves by our goods and approach. In addition to the business procedures needed to enable the maintenance of authorization policies, our software offers a solid technical solution. As I mentioned earlier, it’s important to remember that technology is not sufficient on its own, particularly in our field of expertise. Processes, including lifecycle management, approvals, investigation, governance, and more, are critical components of the solution. Our product distinguishes itself by comprehending the business process and offering a broad range of technical support.”
“Additionally, our product differentiates itself from competitors for a variety of reasons:
1.) Business process led – Rather than requiring app developers to change/revise authZ policies, application administrators can make policy changes and assignments swiftly and without coding. Application developers can now focus on building functionally rich applications.
2.) Enterprise Ready Platform – Enterprise authorization solutions are in demand because custom and legacy authorization solutions do not meet modern corporate standards. These solutions deliver centralized policy management, tighter contextual control, policy-based access control and multiple deployment options, including cloud, hybrid, and on-premise.
3.) All identity types – workforce, consumer, B2B (organization management and third-party delegation
4.) All access patterns – Applications, APIs, Data, SaaS, etc. Powered by our ready-to-use Authorizers, the PlainID Authorization platform provides a standard approach to managing and enforcing authorizations across the organization’s technology stack in a consistent and unified way.”
Future Company Goals
What are some of PlainID’s future company goals? Helemski pointed out:
“Authorization management and control is a growing space and has and continues to have a significant impact on the security of each and every organization. As a company it is our goal to continue in leading this space and expand beyond the current and rather technical category.”
“Authorization is shaping itself as a core aspect of the organizational identity security posture, and therefore, we plan to support that in both business directive and technology-related capabilities.”
Additional Thoughts
Any other topics to discuss? Helemski concluded:
“Our goal is to offer knowledgeable and cutting-edge solutions, and we enjoy having a tight working relationship with our clients and value their feedback. Their input is invaluable and has a significant impact on our plan for product development and the future of PlainID.”
