EMC’s RSA Unit Grows IAM Capabilities With Aveksa Buy
Legacy IAM solutions, which lack the intelligence and business context capabilities, can't handle such demands and puts data at higher risk, officials said. In addition, they tend to be IT-driven, while the need now is to shift to a more business-driven model that can address what EMC officials call "situational perimeters," ensuring that organizations can enforce security regardless of how, where or when a user looks to access corporate resources. "The adoption of cloud-based IT infrastructures and the pervasive use of mobile means that security organizations are being asked to secure and provide access to assets they don't own, manage, or control," RSA CEO Art Coviello said in a statement. "Without the deep intelligence able to provide insight into what users should and should not have access to, traditional tools that simply automate IAM leave organizations exposed to the risk of excessive privilege, data breaches and regulatory non-compliance." With Aveksa in house, RSA will be able to automate the user identity lifecycle from a business-driven—rather than IT-driven—perspective, according to EMC officials. Aveksa brings with it a unified dashboard that enables and manages access while enforcing identity and access policies throughout the enterprise and the cloud. According to Deepak Taneja, Aveksa co-founder and CTO, the company's initial goal was to make identity management business-driven.Joining with RSA will give the Aveksa the technology, support and reach it didn't have as a stand-alone company, he wrote. "By cohesively integrating these elements into a single vendor solution, enterprises can transform how they're solving their IAM challenges," Taneja wrote. "With intelligence-driven security, customers can connect insight from roles, processes, and security-oriented Big Data to enable better prevention, visibility, prioritization, detection and response to risk and real-time threats."
"By automating business processes for access review, access policy management, role management, and policy-driven access request, our customers were able to deliver access to the business more efficiently, while ensuring that all user access met security and compliance requirements," Taneja wrote in a post on the Aveksa blog. "More recently, Aveksa expanded our offering to include Provisioning and Cloud solutions. With governance, provisioning, and cloud capabilities combined into one IAM platform, we've redefined what enterprises need from an IAM vendor—a simple 'one-brain' IAM solution that's easy for the business to use, for IT to manage and for audit, risk and compliance teams to drive and test."