Two recent announcements in the still-consolidating identity and access management (I&AM) market may cause concern for customers of two of the largest vendors.
First, IBM announced its acquisition of Encentuate whose main offering is a single sign-on (SSO) solution. Second, HP is to discontinue sales of its I&AM; offering, SelectAccess, to new customers.
Butler Group can well understand the logic of IBM acquiring Encentuate, given that the software currently sold as IBM Tivoli Access Manager for Enterprise Single Sign-on (ITAM for ESSO) consists of software from Passlogix, an OEM partner. In positioning Encentuate's product as its I&AM; portfolio's enterprise SSO constituent which provides SSO for applications and resources from in-house, IBM may be in a better position to improve integration with its Web SSO (providing access to web-based resources) and Federated SSO (sharing access across organisational boundaries) offerings. IBM intends Encentuate's software to form the core of the next release of ITAM for ESSO, which is planned to be in the third quarter.
IBM seemed most unwilling to explore in-depth with analysts the implications of this product change for existing customers of ITAM for ESSO, who it seems have the choice of becoming Passlogix customers (negotiating with the company that originally licensed IBM to re-use the product), or adopting the Encentuate-based new version.
While Butler Group believes customers need have no concern in undertaking a relationship with Passlogix, which is well established, and has a similar deal with Oracle to that it had with IBM, as well as many other partnerships with leading players in this market, the need to have to do so may be forced upon some by IBM's position, and this may not be the way that organisations wish to undertake their management of IT vendors.
The alternative of following IBM's product upgrade path is likely to involve significant investment: there was no indication from IBM of any migration tool for policies, credentials, settings, schema extensions, or databases - the artefacts that constitute a customer's system just as much as the base product itself.
HP, meanwhile, was careful to say that it will continue to support existing customers of SelectAccess, the software acquired in 2003 from former dot-com boom giant Baltimore Technologies. However, those customers might be concerned in planning further developments around a product that will not benefit from any further developmental investment.
From HP's perspective, however, this move is perfectly understandable, as the company had rather stood still after making its initial acquisition in the I&AM; market, and meanwhile its competitors have expanded their capabilities to an extent that would require HP to invest considerably to upgrade SelectAccess commensurately, and with little prospect of making a differentiating mark in what is now a largely mature market.
It is interesting to see IBM continuing to invest in the higher-value areas of IT security products, and it seems to have recognised the strong technology base of Encentuate's product in announcing plans to leverage the acquired company's development team as the basis for an IBM Security Software Laboratory in Singapore.
That is perhaps one source of future innovation, and Butler Group certainly expects in some respect to see IBM's offerings in the security space broaden further, following on from this acquisition, and those in the recent past of Internet Security Systems and Consul.
Despite this move by HP, we still would not be greatly surprised to see the company make a big acquisition in the security marketplace. It has very sizable ambitions to grow HP Software, and also has the scope to complement any range of security offerings with expanded capabilities from HP Services, further broadening its relationships with customers.
A number of potential acquisition targets might, similarly to HP, sell into both the consumer and enterprise markets, providing HP with cost-saving delivery synergies, and cross-selling opportunities.