EMC Corp. is acquiring Archer Technologies LLC, a software maker that sells a compliance management platform, in a move that the storage giant says will extend its portfolio into risk management and policy enforcement for ongoing compliance projects.
Overland Park, Kansas-based Archer competes against Agiliance Inc., SailPoint Technologies Inc. and Symantec Corp., offering a suite of tools that are used to manage compliance initiatives from conducting risk assessments to setting controls and documenting them for auditors. Industry analysts say it's not unusual for large enterprises to run compliance management platforms from various vendors in different parts of the organization.
Archer's software will be wrapped into EMC's product portfolio, offered as a standalone product and will operate under EMC's RSA security division. Terms of the deal were not disclosed. Archer will remain at its Kansas location, EMC said. The acquisition is expected to close by the end of the first quarter.
Governance, risk and compliance:
GRC Tools Help Manage Regulations: We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.
Bob Blakley, vice president and research director for Burton Group's identity and privacy strategies group said EMC's biggest challenge may be to provide integration services for new customers and ongoing support services. Compliance orchestration software has a long deployment cycle and requires partners to manage integration and support, he said.
"This is not like buying a box and deploying it; this is very complicated," Blakley said. "There's a certain amount of detail that needs to be mastered and you need agents and adapters in order to get information about current configurations of endpoint systems."
The market for compliance management software continues to mature with larger vendors -- Symantec and CA -- providing a well rounded suite. Blakley said EMC will round out its compliance management portfolio by selling RSA tools with Archer's SmartSuite Framework. The platform provides support for mapping specific sets of controls to a particular compliance framework. Archer's Exchange online community allows customers to share custom modules.
Archer acquired one of its major competitors, Brabeion Software Corp., last year, in a deal that helped it add rich content libraries of technical compliance baselines and controls. Brabeion also had a high profile customer base that included several Fortune 500 companies, including American Airlines, Chevron, Citigroup Inc., Northwest Airlines Corp., McKesson Corp., DirecTV and Guardian Life Insurance. Archer had planned to phase out support of Brabein's products in 2010.
In a message on the Archer company blog, Archer CEO Jon Darbyshire said he expects Exchange to continue to thrive under the acquisition. The EMC acquisition will also help Archer further build out its product portfolio. The acquisition will result in deeper integration with RSA software, but the company remains committed to supporting the integration of other third-party products and modules, Darbyshire said.
"Our community-driven approach to product innovation will be stronger than ever, and the relationships we share with our valued customers will not change," Darbyshire said. "Moving forward, you will also have the power of EMC behind you, including an unmatched technology infrastructure, a global team of sales and services personnel, and an expansive partner ecosystem."
Archer customers currently hosting the software with IBM Global Services will not be initially affected by the acquisition, said Alex Bender, vice president of marketing for Archer Technologies. Bender said EMC would begin to phase in offering software-as-a-service and hosting services.
"Archer's multi-tenant architecture allows organizations to continue to leverage their current software host provider," Bender said. "Over time, customers will have more choice of hosting providers and we expect EMC will be one of them."
RSA customers have been asking for policy management, audit and compliance tools, Art Coviello, president of RSA said in a statement. Companies use governance. risk and compliance (GRC) tools to manage specific industry regulations. Archer's main client base includes a number of financial firms in which RSA has been implemented alongside Archer software.
"You can't manage what you can't see. The Archer solution not only offers the visibility into risk and compliance that customers need, it brings stronger policy management capabilities to the RSA portfolio," Coviello said. "The end result is customers are able to better manage their security programs and prove compliance across both physical and virtual infrastructures, and effectively communicate to the business."