webinars



Industry Comment Research   RSS Feed

Webinars Buyers' Guide Podcasts

Related Publications Foward Features




  In partnership with:

25 August 2006

EMC buys RSA Security for $2bn. Have they gone mad?

Eric Doyle

Perhaps EMC wants to be the Tesco of the IT market. If so then CA, IBM and HP offer stiff competition. Documentum was an understandable purchase for the storage giant, even though document management peripheral to its business. And ControlCentre, Invista, Legato, Rainfinity, Smarts, and VMware were all sensible seeming acquisitions.

RSA is something else. To many people it is the company that produces those handy, little SecureID key fobs. To those who know the company better, it is the doyen of the encryption world and the prime mover in authentication software. None of these areas has much to do with data management except in the loosest sense of access control.

The $2bn will not slip unnoticed from the admittedly swollen coffers in EMC’s Boston basement. Joe Tucci, EMC chairman, president and CEO, admitted that the deal resulted from a secret bidding war. This may have inflated the price and only adds to the suspicion that something is brewing.

EMC sees itself as the custodian of its customers’ data and, given the size of some of its accounts, that probably amounts to over half the digitally stored data in the world. At this year’s EMC World conference in April, the company began to show its hand.

Tucci kicked things off in a press conference by saying that the company had not finished its recent spending spree and would be buying up other companies – but had no plans to purchase hardware manufacturers. Later, the newly-appointed vice president of information security at EMC Dennis Hoffman unveiled more of a dream than a plan for the development of a security infrastructure for storage.

With virtualization of storage systems, the lynchpin is software, not hardware. Tucci does not want the company to disappear into the storage closet hidden behind this virtualization portal. He wants to hold the keys to that door – encryption keys.

Complexity of the security scene

Storage of meaningful data was thought to be the domain of the database companies until email rose in importance. Added to this, the issues and legislation stirred up by the Enron scandal has forced companies to look hard at their information systems and to want to clamp down on security. This has meant a windfall for companies defending the borders but the security scene is becoming too complex. Mobile technologies and untrustworthy or non-security conscious employees have made breaches in the fortifications. As in days of old, the castle needs a keep, a last resort that can be defended more effectively.

Hoffman is in charge of providing this edifice for EMC. His dream, outlined at the conference, was that one day all data would be protected. At the time it sounded like each item of data would be wrapped in a bullet-proof coat of encryption and permissions to ensure that it could only be accessed by sanctioned users and applications. This may still be the endgame to which EMC strives, but first it needs to establish itself as a player in the security field. The purchase of RSA certainly offers these credentials. EMC could have gone for smaller companies in the market but this would not have had the same shock factor.

RSA is self-sufficient and has an established customer base. President and CEO Art Coviello’s stewardship of the company has turned it into a more profitable outfit which could probably survive on its SecureID licensing revenues alone. Hoffman says that EMC does not want to integrate and obliterate the company but to let it be semi-independent, spinning off its future innovations into its traditional market as well as fulfilling EMC’s needs.

Service oriented framework

In a recent interview with Computer Weekly, Hoffman said that one of RSA’s attractions is the work it is doing to produce a service-oriented security framework that other products can plug into to provide a service security system. RSA has been developing this as the Identity Management System (IMS) and Hoffman sees this as relevant to content management, virtualization and network management as part of information lifecycle management (ILM).

IMS offers applications and devices a standardized and managed port of call for authentication, authorization and encryption key management. Hoffman summed this up by saying, “It facilitates our ability to build security into everything we make.”

EMC has to grow and develop as a company and the disk drive market is tightly controlled by price. Margins will similarly reduce in the virtualized storage market as the technology matures and EMC has to find a growth market. The security market has grown rapidly over the last few years but there is still room for growth. Storage is where much of the information that drives the company resides and, if EMC can not only protect this in situ but also develop a way to protect it in transit, the profits would be immense.

Maybe the company is on a quest that will be unfulfilled but RSA will remain as a profitable asset. If EMC is going mad, maybe there are companies out there who wish they were crazy, too.

Back to news index



 

 
Search this Site:
Google Custom Search



Click here...