SAP buys secure login tech
ERP plans to bake in basic security
German software giant SAP has moved into the security market with the acquisition of identity and access management technology from Secude.
SAP, which is best known for its Enterprise Resource Planning and enterprise application software, plans to roll secure login and enterprise single sign-on technologies acquired via the acquisition into its portfolio. The Secude deal, announced Wednesday, also involves the move of consulting staff to SAP, a move that will help its sales staff to flog SAP-owned security technology as an alternative to third-party add-ons.
SAP plans to bake the basic version of Secude’s secure login into future releases of its enterprise applications – at no extra cost. The technology will sit alongside SAP's existing NetWeaver identity management technology, as explained in a statement by SAP here.
Switzerland-based Secude, which remains separate from SAP, plans to focus on developing and marketing its remaining data protection products. The financial terms of the deal, announced Wednesday, were not disclosed.
More and more enterprise technology heavyweights are buying into security. SAP's deal to acquit technology assets from Secude can be loosely compared to EMC's decision to acquire RSA Security, the market leader in secure remote access, back in 2006, in a much larger and more significant deal. More recently there's HP's purchase of security tools firm ArcSight for $1.5bn, a move that strengthens its existing security portfolio, and Intel's far more puzzling acquisition of McAfee.
Back in the day, security start-ups used to pine over an acquisition by the likes of Cisco or Symantec. These days a much larger range of potential suitors are available. ®
SAP = Start Adding Pounds
I can understand the intention behind this; SAP have run out of big companies to sell to, the medium and smaller companies are not spending the money they thought they would, and so they are looking to find other ways to generate more money. Adding security to the portfolio makes a lot of sense.
However, I would question their ability to deliver a satisfactory solution. SAP do have some really good people working for them and as independant consultants; they also have a very large number of bloody useless hangers on that cost the customer a fortune and screw up regularly.
Over the past few months, I've seen some of these; people straight out of a college with a mickey mouse degree in "computing theory" that try to get a starter job in SAP consultancy because they think they will earn so much money. (see below)
Personally, I wouldn't trust a single SAP consultant that I have met to discuss security; they simply don't begin to understand the subject. From what I have seen, most installations have security holes that you drive a truck through; they rely on obscurity to provide the first line of defence.
AC because I really could lose my job for daring to criticise anthing SAP related.