"It is no surprise to any of you that most prevalent Identity & Access Management (IAM) deployments are failing to cope with new pressures introduced by rapidly changing infrastructure and unprecedented churn in users and computing devices," blogged Nirav Mehta, EMC/RSA's director of product management responsible for IAM. "The single biggest factor contributing to this is the lack of identity intelligence and business context at the heart of IAM deployments."
He was welcoming Aveksa to EMC. Aveksa has demonstrated, he said, "that IAM can be performed in a fundamentally different way that involves the line of business in the identity life cycle (joiners, movers, leavers) and enables the organization to scale IAM deployments massively without introducing significant risk of incorrect access permissions."
On 8 July, EMC announced that its RSA security division had acquired Aveksa for an undisclosed sum, thought by the Times of India to be "over $225 million". Although based in Massachussetts, Aveksa's development center is in Bangalore. It is one of a relatively small new breed of IAM providers that bring context aware granularity to the access management lifecycle.
"Aveksa began this journey by connecting our IAM platform to DLP and SIEM solutions – allowing organizations to connect identity context, access policies, and business processes to these parts of the security infrastructure," explained Aveksa's founder and CTO Deepak Taneja yesterday. But there is still much to be done. By joining RSA, he continued, Aveksa now has the resources to make a vision a reality. "With intelligence-driven security, customers can connect insight from roles, processes, and security-oriented Big Data to enable better prevention, visibility, prioritization, detection and response to risk and real-time threats."
The technology argument for combining RSA authentication strengths with Aveksa's innovative context-aware IAM is compelling. The business reasons are a little different. Izhar Armony, venture capitalist and board member with Aveksa, explained to Forbes that that the company would have preferred to continue growing on its own until it could go public; but the increasing interest shown by large companies could not be ignored.
“Companies like EMC and other big vendors needed the functionality that Aveksa supplied," he explained. "We were afraid that if we did not sell, they would develop their own applications or acquire a competitor. Now that we are part of EMC, it will be much easier to sell Aveksa as part of EMC’s full identity management portfolio.”
Effective immediately, Aveksa becomes a part of the RSA Identity Trust Management product group. The acquisition is not expected to have a material impact to EMC GAAP or non-GAAP EPS for the full 2013 fiscal year, said EMC.