Symantec's Identity Management Plans Tied To RSA's Deal For Symplified


Symantec tried to acquire Symplified months before its sale to RSA, The Security Division of EMC, in June, according to former Symantec CEO Steve Bennett.

In an interview with CRN in March prior to being ousted by Symantec's board of directors, Bennett said the company had been in negotiations to acquire Symplified, but the identity-as-a-service vendor was asking an "astronomical" price for its technology. Bennett, who was in the midst of downsizing the company, had called the platform a "diminishing priority."

As an early entrant to the market, Symplified had struck a licensing deal with Symantec, putting its technology at the core of Symantec's O3, which has been available in an on-premise virtual appliance or as a hosted or hybrid deployment option. Industry observers say the failure between Symplified and Symantec to strike a deal may have distracted Symplified and caused Symantec to rethink its O3 cloud identity gateway for access management and single sign-on. O3 has struggled to gain broad adoption against a growing number of identity-as-a-service vendors.

[Related: RSA Acquires Symplified Technology Assets In Fire Sale]

Michael Brown, Symantec's interim CEO, told financial investors in May that the Mountain View, Calif.-based vendor is assessing its product portfolio and would step away from technology areas where it would not be competitive. Identity and access management, however, remains a priority, according to a Symantec spokesperson in a statement issued to CRN late Wednesday.

"We have developed a proprietary single sign-on solution (SSO) and are working with existing O3 customers to transition to the future Symantec SSO solution. We will support existing O3 customers through the length of their contracts," the spokesperson said.

Symantec is in a market dominated by best-of-breed identity-as-a-service platform makers, including Okta, Ping Identity and Covisint, which are established market leaders that offer access management, SSO, and logging and reporting capabilities, according to research firm Gartner. Symplified, which entered the market in 2008, had lost momentum and brand recognition relative to its competitors, said Gregg Kreizman, a Gartner research vice president and author of the 2014 Magic Quadrant Report. 

RSA said it took advantage of "an unexpected opportunity" when it acquired the Boulder, Colo.-based identity platform maker's technology assets in a deal that closed June 4. A spokesperson told CRN that RSA, Bedford, Mass., is retaining a limited number of engineers who will remain in Colorado and that RSA technology "will not have an immediate operational capability."  The company will add the technology to its 2013 acquisition of Aveksa, a vendor of an on-premise identity management platform and a licensed SaaS-based single sign-on service.

Symantec was not nimble enough to invest and stay the course with disruptive technologies that wouldn't generate enough revenue, former Symantec CEO Enrique Salem said in an interview with CRN earlier this year. Salem, who joined Bain Capital Ventures, also serves on the board of cloud analytics and policy vendor Netskope. At the time, he said a successful new unit at Symantec would need to make $350 million to $700 million in revenue on an incremental business. Cloud security and analytics initially would generate about $10 million from early adopters, he said.

NEXT: Cloud Identity And Access Management Disruption