CA has acquired identity management vendor IDFocus for an undisclosed sum in a bid to bolster its provisioning and enforcement capabilities.
According to CA, the deal to purchase the Palo Alto, Calif.-based firm will help CA meet customer needs around regulatory compliance, specifically as it relates to segregation of duties violations.
Working in tandem with CA Identity Manager, the IDFocus software, dubbed ACE (Advance Components Extensions), prevents such violations proactively. As CA Identity Manager provisions users, it runs a check on the segregation policies set up in the IDFocus software.
If a policy violation is detected, CA Identity Manager is designed to block the provisioning, essentially preventing violations before they actually happen.
The integration of IDFocus software also improves provisioning by taking it to a more specific, finer-grained entitlements level, CA officials said. For example, a user can be provisioned with multiple roles within his or her ERP account, with each role having different approval processes and approvers, modification prerequisites and termination processes, according to CA.
All of this is meant to help CA distinguish itself in a congested field that features a number of large vendors, including Oracle, IBM and Sun Microsystems. According to a report by Forrester Research, the IAM (Identity and Access Management) market will grow tremendously in the years ahead. The analyst firm estimates the market will hit $12.3 billion by 2014, up from about $2.6 billion in 2006.
"Identity management is essential to comprehensive IT security, and the integration of CA Identity Manager and ACE technology enables CA to deliver a robust and powerful identity management solution," said Dave Hansen, corporate senior vice president and general manager, CA Security Management, in a statement. "This acquisition strengthens CA's ability to continually enhance critical elements of CA's Identity and Access Management suite, which helps our customers effectively manage employees' and partners' identity lifecycles and meet new compliance demands."