Quest Acquires Bitkoo to Expand Its Identity Management Portfolio

With its acquisition of Bitkoo, Quest Software can now offer enterprise customers a range of centralized identity and access management products.

Quest Software has acquired Bitkoo, an access-control technology provider, to enhance its identity and access management portfolio. The acquisition, which Quest officially announced Dec. 19, has already closed and financial terms of the deal were not disclosed.

With its latest acquisition, Quest will be able to provide customers with a more centralized approach for handling authentication within the enterprise, inside databases, and for cloud-based applications and Web services. Bitkoo's Keystone technology supports fine-grained authentication and entitlement management in enterprise IT environments, and will be included in Quest's One Identity Solutions portfolio, Jonathan Sander, director of business development for identity and access management at Quest Software, told eWEEK.

With Bitkoo, Quest customers would be able to use the XACML-based authorization service for applications built in-house and allow consistent access management across multiple applications, Web services and data. Keystone is also capable of providing row- and column-level security within a SQL Server database without needing custom code.

Quest will be able to "offer organizations the capability to define granular access controls for users based on user attributes, the resource and the context of the access request," said Nick Nikols, vice-president and general manager for identity and access management at Quest Software.

Organizations are increasingly looking at ways to externalize authorization, or taking the decisions out of individual applications and moving them into centralized back-end systems with centralized rules, according to Ian Glazer, a Garter analyst who wrote about the acquisition on his blog.

Instead of building the logic to handle security individually inside each application and having to manage security policies separately, externalizing authorization means a single platform will be in charge of managing all the policies and rules. With Bitkoo's technology, Quest has the opportunity to "bring externalized authorization to the masses," Glazer said, noting that protecting the data in SharePoint would be a good first step.

Acquiring Bitkoo made a lot of sense since the company was a "leader in the space" and had a healthy customer base, Sander said. He noted that Bitkoo's technology was based on Microsoft .NET framework, which meant it would be much easier to integrate with Quest's own products, as well as use its plug-ins for Windows-centric platforms such as Sharepoint.

When someone wants to access an application, generally the first question is "Who are you?" Sander said. Bitkoo's technology asks a similar question, "What are you allowed to do?" in order to figure what the person can do, according to Sander. Many organizations rely on role-based systems that defined what the user, once authenticated, can access, but with Bitkoo, they now have an enforcement capability, he said. Not only can the system say what the user can access, it can also actively stop the user from going ahead and trying to get into an unauthorized space.

"Quest has chosen to move forward with BitKoo as our 'big bet' in the authorization market," Jackson Shaw, senior director of product management at Quest Software, wrote on his blog.

Quest has acquired several identity and access management companies in recent years, including Volcker Informatik for provisioning and access governance, Symlabs for virtual directory services, Vintela for Linux and Unix authentication and integration, and e-DMZ for privileged user and account management tools.

It would be interesting to see if Quest would tie Keystone with the IAG capabilities acquired from Voelker, Glazer noted.