EMC Tunes RSA Identity and Access Management Chops With Aveksa Buy

EMC Corp. went shopping close to home this week, purchasing Waltham, Mass.-based identity and access management specialist Aveksa Inc. in a deal that will bring more fine-grained controls to EMC’s RSA AdaptiveIAM tools.

Officials at EMC, of Hopkinton, Mass., said the acquisition for an undisclosed sum will “help RSA bring innovative new solutions to identity and access management challenges across enterprise, cloud and mobile access use cases.”

Aveksa delivers what it terms “business-driven identity and access management.” The benefits are two-fold. First, Aveksa takes IAM out of the strict purview of IT and puts control of access policies in the hands of individual business units. These “situational perimeters” allow granular control of corporate data and applications based on dynamic profiles that take into account things like role, location and overall security policy.

The Aveksa  IAM platform allows this fine-grained control across both enterprise networks and cloud assets and can dictate identity and access permissions from any computing device. The capabilities are especially important for businesses with increasingly complex IT infrastructures that span on-premises and hosted applications and data stores.

Prior to the acquisition, Aveksa’s tools were largely deployed as connections to DLP and SIEM solutions to allow organizations to connect identity context, access policies, and business processes to the security infrastructure. The Aveksa platform will now be integrated with the RSA authentication, access management and federation solutions portfolio, officials said. In tandem, the RSA and Aveksa offerings will align insight from roles, processes, and security-oriented Big Data to help enable better visibility, prioritization, detection and response to risk and real-time threats.

“Today’s enterprises face significant challenges around Identity and Access Management,” said EMC EVP Art Coviello, chairman of the company’s RSA security division. “The adoption of cloud-based IT infrastructures and the pervasive use of mobile means that security organizations are being asked to secure and provide access to assets they don’t own, manage, or control.

“Without the deep intelligence able to provide insight into what users should and should not have access to, traditional tools that simply automate IAM leave organizations exposed to the risk of excessive privilege, data breaches and regulatory non-compliance,” Coviello said. “Together, RSA and Aveksa see tremendous opportunity to help our customers overcome these IAM challenges.”

“Over the years, our customers have benefited from Aveksa’s comprehensive, business-driven IAM solutions,” Aveksa CEO Vick Vaishnavi said. “ Together with RSA, we can continue our journey to adaptive identity management that addresses today’s ever-evolving access challenges.

“We will continue to provide our customers and the broader market with best-in-class solutions that reduce business risk and enable efficient operations,” Vaishnavi added.