EMC acquires Aveksa Inc., leading provider of business-driven identity and access management solutions

EMC Corporation today announced it has acquired privately held Aveksa Inc., a leader in business-driven Identity and Access Management. Effective immediately, Aveksawill operate within the RSA security divisionas part of RSA’s Identity Trust Management product group, bringing leading technology and expertise that will help RSA bring innovative new solutions to identity and access management challenges across enterprise, cloud and mobile access use cases. 

In today’s increasingly cloud-based and application-centric world, authentication, authorization and identity management have become even more intertwined, complex and critical. The model for each user has shifted from a single authentication to an enterprise network, to dozens of authentications to applications and related data, from multiple user devices, across cloud and on-premise infrastructures. The task of ensuring that the right users get access to appropriate company resources has traditionally been IT-driven, using legacy IAM solutions to enforce all the policies, processes, procedures and applications that help organizations manage access to information.  The lack of intelligence and business context has led to increased risk of data breaches, non-compliance and excessive privilege.  

RSA and Aveksa together will help give organizations the ability to automate the complete identity lifecycle of users from a business-driven perspective, helping turn traditional IAM systems into more agile, intelligent and scalable “situational perimeters.”  With Aveksa, customers have a unified dashboard to manage, control, and deliver access, while consistently enforcing identity and access policies across the enterprise and cloud, at a granular level. 

Aveksa solutions help define rich user profiles and increase the convenience of managing user identities, allowing customers to continue building “situational perimeters” that can flexibly enforce security whenever and wherever users interact with corporate data and resources. The line of business is given easy and secure access to applications, while enabling them to take accountability and responsibility for making access decisions, within the controls, processes, and policies defined by the information security organization. 

Similar to RSA, Aveksa solutions are deployed by customers of all sizes in financial services, healthcare, retail, energy/utility, telecommunications, transportation and manufacturing to solve a wide range of identity management challenges. Aveksa is a comprehensive solution – it spans multiple, heterogeneous IT systems for both on-premise and SaaS systems, and is designed to be easily integrated into an enterprise’s infrastructure. 

Aveksa aligns with RSA’s intelligence-driven security strategy, leveraging insight from roles, processes, and security-oriented Big Data to enable better evaluation, prioritization, detection and response to real-time threats. For example, Aveksa’s ability to provide rich identity context could be used to enhance situational awareness within the RSA Security Analytics solution. 

Aveksa products also complement RSA’s strong authentication, access management and federation solutions portfolio. Together, RSA and Aveksa have the opportunity to fuse notions of authentication and identity as part of an Adaptive Identity platform, leveraging Big Data analytics to transform identity assurance and access controls to ensure only legitimate users have appropriate access to sensitive corporate information. 

Art Coviello, RSA Executive Chairman and Executive Vice President, EMC Corporation: "Today’s enterprises face significant challenges around Identity and Access Management.  The adoption of cloud-based IT infrastructures and the pervasive use of mobile means that security organizations are being asked to secure and provide access to assets they don’t own, manage, or control. Without the deep intelligence able to provide insight into what users should and should not have access to, traditional tools that simply automate IAM leave organizations exposed to the risk of excessive privilege, data breaches and regulatory non-compliance. Together, RSA and Aveksa see tremendous opportunity to help our customers overcome these IAM challenges.”