With its purchase of RSA Security in late June, EMC has made perhaps its boldest move yet in an ongoing strategy to reinvent itself as a one-stop shop for enterprise information and content management.
For months, EMC had been trumpeting its desire to beef up the security capabilities of its entire product portfolio. With large-scale security breaches becoming ever more prevalent, the company had found that security was No. 1 on a list of its customers' concerns.
Encryption, identity management and "key management" will most likely be the first three security components out of the gate, says Rob Sadowski, EMC's senior product manager for information security. "Customers want one centralized place to access and manage all these keys, to encrypt data at every point in the lifecycle," he says, whether the keys are being used to decode business process management (BPM) data or information on a file server or in an array--wherever data exists in the lifecycle.
The earliest EMC might go to market with RSA incorporated into its broader product offerings would be the end of the year or the beginning of 2007, Sadowski says.
Even before the RSA purchase, EMC had been working on what it calls the "common security platform," to be used by all of EMC's products. And RSA had earlier revamped the architecture of its security solutions, providing an open interface. Because of these parallel projects, analysts say, engineering obstacles should be minimal when it comes to integrating RSA tools with EMC's diverse technologies. "It isn't the sort of thing where either company is going to have to use a crowbar," says Charles King, principal analyst at Punt-IT. And EMC's Sadowski says, "It's less a technical challenge than an execution challenge: How quickly can we do this and convince the market that we can?"
EMC believes the apparent ease of the integration will help set it apart from its competitors. Having those security features "built-in, rather than bolted on to our products," Sadowski says, is a security feature in itself, since the more deeply tied security is to other programs, the safer the information in those programs will be.
The goal now, according to Sadowski, is to use RSA to build out that common security platform. EMC wants to provide a single environment for all security features, as well as "interfaces for integration with customers' existing security infrastructures," he says.
Another area EMC has been working hard to develop is BPM. Shortly before it acquired RSA, EMC bought ProActivity Software Solutions, a BPM modeling and analysis vendor. With the purchase, Lubor Ptacek, director of product marketing for the EMC Documentum unit of the company, asserts the company now has "the most complete suite [of BPM offerings] on the market," a bold claim that strains credulity, to say the least.
As with RSA, a lot of integration engineering remains to be done, and a timetable for marketing solutions with ProActivity built into the architecture has been tentatively set for mid- to late 2007, so EMC will continue to play catch-up in a fast-maturing market that is rapidly consolidating.
Documentum has licensed encryption software from RSA for years, but there will be further opportunities for synergies, Ptacek says. For instance, the division might bundle RSA's single sign-on tools and biometric authentication technologies into its suite. --Scott Eden
SINGLE SIGN-ON STAMPEDE. Oracle and Microsoft have joined the single sign-on bandwagon. Oracle rolled out a single sign-on suite based on Passlogix technology in June. Later that month, Microsoft said it will synchronize Active Directory with Windows Live ID (formerly Passport), giving users single sign-on for Web apps and services.