EMC just snapped up an access control business. Privately-held Aveska, which develops business-driven identity and access management solutions, will join EMC's RSA security division as part of the Identity Trust Management product group.
With the acquisition, EMC is aiming to add technology and expertise to help RSA drive innovation to overcome identity and access management challenges across , cloud and mobile access use cases. Financial terms of the deal were not disclosed.
"The adoption of cloud-based IT infrastructures and the pervasive use of mobile means that security organizations are being asked to secure and provide access to assets they don't own, manage, or control," said Art Coviello, RSA executive chairman and executive vice president of EMC. "Without the deep intelligence able to provide insight into what users should and should not have access to, traditional tools that simply automate IAM leave organizations exposed to the risk of excessive privilege, data breaches and regulatory non-compliance."
Right People, Right Access
The Aveska acquisition comes against a backdrop of an increasingly cloud-based and application-centric world where authentication, authorization and identity management have become even more intertwined, complex and critical.
EMC explained it this way: The model for each user has shifted from a single authentication to an enterprise network, to dozens of authentications to applications and related data, from multiple user devices, across cloud and on-premise infrastructures.
That means the task of ensuring that the right users get access to appropriate company resources has traditionally been IT-driven, using legacy IAM solutions to enforce all the policies, processes, procedures and applications that help organizations manage access to information. And the lack of intelligence and business context has led to increased risk of data breaches, non-compliance and excessive privilege.
RSA On the Right Track
By adding Aveska to the RSA mix, EMC aims to give organizations the ability to automate the complete identity lifecycle of users from a business-driven perspective, helping turn traditional IAM systems into more agile, intelligent and scalable "situational perimeters." Aveska offers a unified dashboard to manage, control, and deliver access, while consistently enforcing identity and access policies across the enterprise and cloud, at a granular level.
We caught up with Brad Shimmin, a principal analyst at Current Analysis, to get his thoughts on the EMC acquisition. He told us making it possible for IT professionals to open up the firewall without opening the company up to risk has become an absolute paramount necessity in the age of a mobile workforce and social media.
"As an IT provider within your company it's become important to allow your executive and sales staff -- and everyone in between -- to communicate safely and efficiently, travel outside the firewall, and still have access to services without requiring a lot of software overhead," he said.
As he sees it, RSA is capitalizing on a market trend toward a suite-based solution geared toward challenges like mobility. With so many services, from Exchange servers to web servers to SharePoint servers to P2P servers, enterprises face risks that aren't always equally managed or serviced, he said. "RSA is on the right track in trying to encompass some of these very hot areas," Shimmin concluded.