Monday, August 30, 2010

CA snags Arcot: Another step for cloud identity & security

Not everything in the news this week is about VMworld. CA Technologies pulled in an interesting new security-related acquisition today, one that brings in solutions focused on advanced authentication and on-line fraud detection. The idea is to leverage these capabilities to help solve some of the issues in cloud computing related to one of the key concepts that needs solving: managing identity.

As those who watch this space know, security has been on the minds of folks in cloud computing since the term appeared, with the topic topping the list of cloud worries in survey after survey.

The company being acquired is Arcot Systems, Inc., a 165-person firm based in Sunnyvale, Calif., which has a pretty healthy business in this space.

Arcot will team with CA Technologies’ security group’s and on their existing focus on Identity and Access Management (something that the folks in the know on this stuff call, well, IAM). In fact, the CA security folks tell me they think this move does quite a bit to accelerate CA Technologies’ IAM cloud service offering.

Arcot has quite a bit of street cred, it seems. Currently, their solutions (which can be on-premise or cloud-based) are used to prevent fraudulent transactions for about 1 million credit card transactions a day.

“Identity is a critical area for security whether you’re talking about in-house or the cloud,” noted Arcot’s president & CEO Ram Varadarajan in the press release. They boast 120 million identities verified by their solutions today. The company has been around since 1997, has 35 patents awarded or pending, and co-invented the 3-D Secure protocol for online payment security with a little company you may have heard of called Visa.

Not too shabby. Especially on the heels of other security-related M&A activity, including Intel gobbling up McAfee, which also mentioned the cloud angle.

For more granular details, though, I’ll direct you to folks in the know on this topic. The CA Technologies cloud security strategy (articulated here) has 3 pieces to it:

· Enable organizations to extend existing on-premises IAM systems to support cloud applications and services;
· Provide IAM technology to cloud providers to secure their services – whether public, private or hybrid; and
· Enable IAM services from the cloud

And, for a bit more detail about this deal in particular, check out today’s press release, Arcot’s website, or Matthew Gardiner’s blog post.

The article is cross-posted at the CA Cloud Storm Chasers blog.

No comments: