IBM Acquires Security Software Provider CrossIdeas | eWeek

IBM Acquires Security Software Provider CrossIdeas

IBM Acquires Security Software Provider CrossIdeas
Written By
Darryl K. Taft
Darryl K. Taft
Jul 31, 2014
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

IBM announced it has acquired CrossIdeas, a provider of security software that governs user access to applications and data across on-premise and cloud environments.

Big Blue said its acquisition of CrossIdeas extends IBM’s leadership in delivering innovation, services and software for securing enterprises. IBM has now made more than a dozen acquisitions in security over the past decade and invested extensively in dedicated research and development in the security space.

IBM officials said they believe this blend of organic innovation and acquired technologies is helping IBM customers defend against advanced threats and manage risk in an era of unprecedented technology change. Financial terms of the CrossIdeas deal were not disclosed.

Yet, under the burden of more government regulations and increasing sophistication of security threats, business leaders are demanding that IT and security executives implement access governance policies and solutions that provide visibility into operational and IT risks.

Based in Rome, Italy, CrossIdeas helps organizations manage identities and application access by bridging the gap between compliance, business, and IT infrastructure to help reduce the risk of fraud, conflicts of duties and human error in business processes, IBM said.

“The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities,” said Brendan Hannigan, general manager of IBM Security Systems, in a statement. “IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers.”

As part of IBM’s Identity and Access Management portfolio, CrossIdeas will deliver new identity and access governance capabilities to help mitigate access risks and segregation of duty violations. The combined business-driven approach provides integrated governance and full lifecycle management of a user’s time with an organization, IBM said.

For example, a stock trader working in a financial institution may be promoted and given access to approve trades in a new system while retaining access to enter trades in the previous system. This dual access may constitute a segregation of duties violation, which could expose the institution to failing a compliance requirement. With CrossIdeas’ technology, auditors and managers could detect and remediate the segregation of duties violation before it becomes a security risk and audit exposure.

“The innovative technology of CrossIdeas’ IDEAS solution strongly complements IBM’s Identity and Access Management portfolio” and expects to contribute to IBM’s worldwide expansion in the IT security market, said Alberto Ocello, CEO at CrossIdeas.

CrossIdeas addresses the business requirements of auditors and risk and compliance managers with role analytics, intuitive visualizations for better insight into user access, and alignment with compliance and access risk requirements. This capability, known as Identity Intelligence, is delivered via centralized compliance dashboards for auditors to evaluate access risk and activity-based segregation of duties across enterprise-wide applications. These dashboards are populated using a broad array of identity and access repositories including IBM Security Identity Manager.

Integrating CrossIdeas’ governance capabilities with IBM’s security portfolio will be expedited by the two companies’ existing relationship. By its participation in the Ready for IBM Security Intelligence program, CrossIdeas already allows IBM customers to deploy integrated access governance and user lifecycle management technologies leveraging IBM’s Security Identity Management (ISIM) portfolio. This integration will help ISIM customers rapidly introduce access governance capabilities with minimal changes to their existing environment.

IBM’s security portfolio provides the security intelligence to help organizations protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM also operates a vast security research and development, and delivery organization. In addition, the company monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents, IBM officials said.

As an example, with the threat of cyber-security breaches impacting the electric power sector increasing, IBM has come up with a set of best practices for energy and utility organizations to adopt and live by.

“As the leader in the identity and access management market, IBM will drive the shift from using identity and access management as an administrative control to an analytics-centric approach that is risk- and behavior-based for better business decision-making,” Hannigan said in a post.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.