EMC announced today that it had acquired Aveksa Inc., a Waltham, Mass.-based provider of identity and access management (IAM) software. While not officially disclosed, The Times of India pegs the deal's worth at $225 million. Going forward, Aveksa's technology will be available from the data storage giant's RSA data security division.
Aveksa takes a business-driven approach to user access and identity management that keeps IT security administrators in the loop. The firm's solutions, which include mobile and cloud-based IAM, enable business managers to set access parameters to company applications and resources with minimal IT intervention.
The company also offers security monitoring, alerting and intelligence with business context awareness. The platform collects and analyzes data from Active Directory, IT systems and applications, offering IT organizations rich user profiles: essentially centralized, contextual views of users' accounts and privileges correlated by their roles, positions or business functions.
For RSA, Aveksa is the answer to the identity management struggles that businesses face as the enterprise IT outlook grows increasingly cloudier. "The adoption of cloud-based IT infrastructures and the pervasive use of mobile means that security organizations are being asked to secure and provide access to assets they don't own, manage or control," said RSA Executive Vice President Art Coviello in company remarks.
Traditional automated IAM solutions open organizations up to the "risk of excessive privilege, data breaches and regulatory non-compliance," Coviello said. Aveksa's ability to generate deep user insights alleviates this. "Together, RSA and Aveksa see tremendous opportunity to help our customers overcome these IAM challenges," he stated.
Aveksa's founder and Chief Technology Officer Deepak Taneja said in a July 8 blog post that joining his company with RSA will usher in an era of intelligence-driven enterprise security. By adopting this strategy, he said "customers can connect insight from roles, processes, and security-oriented Big Data to enable better prevention, visibility, prioritization, detection and response to risk and real-time threats."
Taneja predicts that the deal will have a big impact in how organizations manage user identity and security.
"We believe the combination of RSA and Aveksa heralds a new phase in IAM, one where enterprises can leverage a single IAM platform, delivered on premises or as a set of identity services, that combines governance, provisioning, SSO, sdaptive authentication, federation, and authorization – across the hybrid enterprise that spans on-premise, cloud and mobile," he wrote.
Pedro Hernandez is a contributing editor at eSecurity Planet and InternetNews.com. Follow him on Twitter @ecoINSITE.