News Article | March 19, 2010
Six months into his job at EMC, Pat Gelsinger observed that different departments in the organization were "running their own plays", and has since been working hard at "connecting the dots" more firmly between the different business groups reporting to him. The former Intel CTO, who is currently serving as EMC's president and COO for its information infrastructure products, told ZDNet Asia in a phone interview that improving the company's partnerships with other key players are also a priority, with the aim of "enabling new use models" for customers. He pointed to the recent EMC-Intel collaboration as an example. EMC announced earlier this month it was partnering with the likes of Intel, RSA, VMWare and Archer Technologies to unveil a proof-of-concept to embed security on the entire cloud computing stack--from hardware to the applications running atop the infrastructure. "This is an example of connecting the dots that we've been able to get underway since my arrival, and you will see more examples where we will simplify the product line and have unified management capabilities and security... We will do a better job in bringing our portfolio together," said Gelsinger. Outlining EMC's storage plans Gelsinger also announced plans to create a virtual storage center in the cloud last week, according to reports. The project has been described as "a network of geographically distributed data caching appliances that maintain coherency and data consistency with respect to one another", despite great distances spanning between the various network nodes. Gelsinger, during an analyst briefing, noted that this product will have "solved the problem of cache coherency over distance". Queried about this, he said EMC is essentially bringing two bodies of technology together to make this happen, namely caching, storing and workload technologies with Yotta Yotta's protocols, algorithms and patents. The latter was a Canadian storage networking company that EMC acquired in September 2008. The executive added that while there is "appropriate skepticism" about the idea, the large majority of responses have been "positive" since the announcement. On the product roadmap, he said "version one" of the product is being tested by customers today, while "version two" will see Yotta Yotta's software protocols and algorithms embedded into storage appliances. Of the increasing amount of data the world is generating--IDC predicted that the amount of data we have will increase fourfold in the next four years--Gelsinger said this trend is "wonderful" and is the "fuel that drives our business". He said the company is looking to increase the performance of their storage products, particularly in flash and solid state drive technology, while also driving down the cost of products and the energy used in running them. Cloud drive in Asia Gelsinger agreed that cloud computing is likely to see high adoption rates in due time in the Asia-Pacific region, because many of the emerging markets here do not have mature, established IT infrastructures. He noted, however, that the region lags behind the West in adopting the cloud. But he remained optimistic, citing the example of the mobile phone industry in China take off after a similar lack of landline infrastructure, and is now twice the size of the U.S. market. Cloud computing will likely follow the same path, he said. "There is still a lot of experimenting among customers and we're still in the early days, but we're optimistic because we see a lot of momentum and enthusiasm in the industry," Gelsinger said. He also stressed the importance of the region to EMC's overall plans, saying that in regard to where the global economy is heading, "Asia is it". To that end, the company plans to be more aggressive in bringing its technologies here, he added.
News Article | March 2, 2010
EMC is expanding its security consulting services to help enterprises tackle the complexities of securing their data and complying with regulations in virtualised computing environments. The company is set to introduce four new services from its RSA Security Practice, including one that comes out of its recent acquisition of Archer Technologies. The consulting services will combine EMC's enterprise IT expertise with the security background of its RSA division to help customers secure their data based on business policies. EMC acquired Archer, a privately held governance, risk and compliance vendor, in January for an undisclosed sum. The number of data security breaches now hitting enterprises indicates their internal systems can't keep up with new threats, said IDC analyst Vivian Tero. "When one takes into account the adoption of new technologies like cloud computing and virtualisation, the security and risk management challenge becomes even more complex," she said. With their data spread across virtualised data centres and cloud computing environments, organisations have to know more about how the virtual infrastructure is configured to know where bits of data might be, Tero wrote. And administrators need to understand that quickly instead of waiting for an audit to identify potential weaknesses. Doing that by manually analysing information from multiple point applications is too hard, so EMC wants to help them automate some of that management, she wrote. The services EMC is introducing span a wide range of security-related requirements. Its Standards and Compliance service, based on Archer's technology, works along with existing approaches to "translate business objectives into policies and information risk strategies," according to EMC. That, in turn, can help customers meet corporate governance and regulatory compliance requirements. The Virtualization and Private Cloud Security service is designed to assess the security of virtualised environments and help secure virtual desktops and private clouds. With the new Fraud Assessment and Strategy service, EMC will provide recommendations for addressing and mitigating risk. A new Security Operations service is designed to help enterprises build an integrated security operations centre. First Data, a payment processing company, will announce it is expanding its test of a card-information security system that it says it developed with the help of the RSA Security Practice. The TransArmor system, formerly called First Data Secure Transaction Management, takes shoppers' credit card numbers out of merchants' point-of-sale systems as soon as the transaction takes place, said Craig Tieken, vice president of merchant product management at First Data. TransArmor encrypts the card data for transmission to credit card companies and card-issuing banks for approval. It gives the merchant a token in place of the sensitive data so the store doesn't have to worry about securing their customers' information. Starting out on the project about a year ago, First Data looked for security consultants to help develop it and scale it up, and found EMC, Tieken said. TransArmor uses RSA encryption technology. First Data's test of TransArmor is expanding from just a few customers to more than 400. It should be generally available to merchants by the middle of this year, Tieken said.
News Article | January 5, 2010
EMC said on Monday that it will acquire privately held Archer Technologies, a maker of governance, risk and compliance software. The company said it will close the deal in the first quarter. The plan is to fold Archer's risk management software into EMC's RSA security division. Archer's software allows companies to visualise and manage risks to physical and virtualised environments. Archer has more than six million licensed users and counts 25 of the Fortune 100 as customers, such as Bank of America, Wells Fargo and Procter & Gamble. For more on this story, see EMC picks up Archer Technologies, folds it into RSA on ZDNet.com.
News Article | January 4, 2010
EMC said Monday that it will acquire privately held Archer Technologies, a maker of governance, risk and compliance software. The company said that it will close the deal in the first quarter (statement, blog post). The plan is to lump Archer's risk management software into EMC's RSA security division. Archer's software allows companies to visualize and manage risks to physical and virtualized environments. Archer has more than 6 million licensed users and counts 25 of the Fortune 100 as customers such as Bank of America, Wells Fargo and Procter & Gamble. The Archer portfolio looks something like this:
News Article | January 5, 2010
It turns out regulation and government mandates aren’t always bad for business. A generation of new software companies is emerging to serve businesses who need to comply with a skein of regulations put in place over the last decade to fight financial and accounting fraud, prevent database breaches, and generally make businesses more transparent and accountable. These software companies are offering big businesses more efficient ways to keep track of governance, risk management, and compliance—a set of mandates that’s come to be known as “GRC.” Boston is home to a major cluster of GRC companies, with names like eIQ Networks, Lumigent, and OpenPages leading the list. But Hopkinton, MA-based EMC, one of the leaders in data storage, has decided to reach well beyond the local area—all the way to Overland Park, KS, in fact—to acquire enterprise GRC specialist Archer Technologies. The acquisition, which was announced Monday and is expected to be completed before April, will turn privately owned Archer into a part of RSA, EMC’s security division. It’s a sensible pairing, since many of RSA’s products, such as technologies for authenticating computer network users and documenting security incidents, generate reams of reporting data that Archer’s metrics, analytics, and documentation software can make more comprehensible. Many customers use both companies’ systems, and the software will presumably now be integrated in a way that makes it unnecessary to, for example, manually cut and paste information from RSA’s enVision, a security log management system, into Archer applications. Todd Graham, a senior technologist in the office of the chief technology officer at RSA, cited this practice in a blog post Monday explaining how the Archer acquisition willl help RSA customers. According to Graham’s post, the Archer acquisition is the outcome of a two-year effort within RSA to define how the division should help customers manage their IT-related GRC needs—everything from defining policies for dealing with hacker attacks to tracking how computer passwords are issued and revoked to demonstrating compliance with privacy and accounting regulations. RSA apparently concluded that Archer’s tools for documenting company policies, tracking incidents, and the like—which are already used by one-fourth of the Fortune 100 companies—are better than anything EMC has built internally. And when EMC lacks a technology in-house, it’s well known for its willingness to acquire it. The fact that Archer is landing inside RSA, rather than some other part of EMC, brings more clarity to EMC’s overall GRC strategy. Back in June, when I asked RSA president Art Coviello whether he viewed GRC software as an important market for EMC, he sounded somewhat dismissive of the category. “It’s a big, amorphous term that could mean anything to anyone,” he said. “You could stick a ham sandwich under the umbrella of GRC.” It was so amorphous, in fact, that different divisions of EMC were vying to be known as the company’s main providers of GRC software and services. “Even within EMC, you’ve got our resource management group saying, ‘We are the GRC of EMC,’ and you’ve got the content management and archiving group saying, ‘No, we’re the GRC of EMC,'” Coviello said. Well, it turns out that RSA is going to be the GRC of EMC. Coviello hinted in that June interview that … Next Page »
News Article | January 25, 2011
RSA COO Tom Heiser doesn't consider himself a visionary because he "cannot predict where things are going to be in five years". But the company veteran is certain about one thing: security will be an increasingly critical component as cloud and mobile adoption continue to grow. Heiser joined EMC, which acquired RSA in 2006, as a sales trainee in 1984 after graduating from the University of Massachussetts. The executive progressed through 12 positions within the company before landing up at the EMC security arm in July 2008. With over 26 years of experience under his belt, the COO considers formulating and executing strategies his strongest suit--skills that are critical in building up RSA's core strengths in authentication and security management, which he described as "hot growth areas"--thanks to the rise of cloud and mobile computing. Recently in Singapore to meet up with sales partners, Heiser met up with ZDNet Asia to discuss RSA's business plans and chat about new year resolutions and the risks in migrating to cloud computing. It's been three years since the economic downturn in 2008 and things are finally looking bullish for the global economy. Is one of RSA's new year resolutions to capitalize on this upswing and enter new markets? There's this book called Profit From The Core which we use as a template, and this talks about how close we should stay true to one's core businesses. Using this as part of our strategic planning process, we determined that RSA has three cores to our business. One core is authentication, the second is security management, while our third "emerging" core is around virtualization and cloud computing. Are we branching out of these? Probably not. I mean, we take a look at the whole landscape of security, and we see what's hot, where's the growth. Security management is super hot, virtualization and cloud computing is crazy hot, so we're already in these hot, high-growth areas. What we don't want to do is delude ourselves. You won't see us getting into network-based security or endpoint-based security, firewall or antivirus. Those are big but, like antivirus, super slow growth and ripe for disruption. You can take a look at the numbers--antivirus is estimated to be effective 35 percent of the time. So, we're assuming the firewall will be breached and antivirus won't work. Where do you see RSA's focus heading in 2011? What RSA has done is we have assembled a portfolio of products, solutions and services into a suite that addresses customers' challenges. IT spend is supposed to grow 4 to 6 percent this year, and the security market is supposed to grow 9 percent. If you look at these figures, security is twice what the IT spend is. This demonstrates that we're in areas of high growth. One of these areas is in security management. We're putting RSA's enVision, security information and security management, data loss prevention (DLP) and Archer Technologies' GRC (governance, risk and compliance) products into a suite, which is where customers are spending their dollars. The other trend is the explosion of virtualization and cloud computing, and their associated risks. We have tons of data on that, and one statistic that jumped out at me was that 91 percent of CIOs are concerned about security with cloud deployments. Another survey showed that 51 percent of CIOs said security was their No. 1 concern. So, we're attacking this concern and our portfolio is uniquely positioned to capitalize on that. That would mean that some companies still can't quite manage the security risks involved when moving to the cloud? Absolutely. It's something I see all the time. About two months ago, for instance, we were talking to one of the top five global healthcare companies which recently completed a huge private cloud deployment. The company was very progressive and driving cloud for cost savings and operational efficiencies. So it was virtualizing its IT infrastructure and was going crazy with that. But when we met the CIO and his team, he was, like, 'I need a strategy to keep up with this thing'. He wasn't involved in the upfront deployment, so now what he's doing is playing catch-up with how to protect that environment. This happens all the time. I wouldn't call the CIO's reaction as panic, but you could see huge concern on his part where it was reactive rather than proactively building security into the company's cloud deployment. You identified authentication as one of RSA's core areas. Could you give us a glimpse of authentication innovations that are on the cards? If we go back seven years ago, over 80 percent of RSA's business was SecurID. In 2011, this will be the first year that SecurID constitutes less than half of our business. It's not that the business is declining, but that all the other areas are seeing high growth. If we fast forward, we still have the largest market in authentication but what we're doing is deploying it in a cloud environment, which is the next big thing. Mobile authentication is also a big growth area for us. There are over 300 million identities we're protecting through our software-as-a-service (SaaS) application products. There'll also be other things through mobile and non-token-based authentication, which are coming up real soon. Mobile security presents a huge opportunity for us. How do we protect smartphones and make sure these are secured? The other challenge is how we can turn this device into an authenticator. So these are great opportunities on both fronts: to secure the device, and using the device to secure. Rivals such as Dell Computer, which acquired storage vendor Compellent last month, and Hewlett-Packard have been pretty active on the acquisition front. Are you planning to join in on the M&A (mergers and acquisitions) fray? We will be acquisitive, mark my word on that. Acquisitions aside, though, we're driving a lot of internal innovations as well. So, we'll stay true to our core, but we're going to complement it both organically with our own development as well as through M&A activities. You've been with EMC since 1984, fresh out of graduating from the University of Massachusetts. Ever thought of doing something else, like, investing in your own startup? You know it's an interesting question because I once thought of becoming a venture capitalist (VC). But, I'm not a visionary, I can tell you that now. I think I'm very good with execution, and I can develop a strategy but I can't predict where things are going to be in five years. I probably picked only one stock to invest in in the past five years--General Electric at US$8 a share--because I knew it wasn't going to go under. That's why I never became a VC! Today, I put everything into my work and family but leave the rest, such as investing, to the professionals. Did you plan to stay with the same company for so long? I didn't plan for it. I would have bet anything that I wouldn't have been with the same company for 26, almost 27 years. Never in a million ways would I have planned it the way my career has panned out. In fact, I was 22 years old when I first started out and I wanted to work for IBM, but that offer didn't come in until after I started with EMC. By then, Roger Marino, one of the founders of EMC, wouldn't let me quit. I still see him socially and I thank him for keeping me here every time. I don't know if you consider it a role or a job but, to me, I had about 12 different jobs in my almost-27 years at EMC. That has allowed me to stay fresh and learn. It's like every time I'm wrapping up a role, they would say, 'Hey, do you want to run M&A?' and I'd think, 'I'd love to run M&A!' So I go run M&A. Or 'Hey, RSA's got some changes going on' and I'd say 'I love RSA! They've got so much potential', and there I go. It's just been unbelievable for me. In one sense, being at EMC is all I know, and yet, it's also kind of embarrassing. But who knows what's next? One of my tenets is to do the best job possible and your career and compensation will follow. It's a little bit idealistic, but I haven't seen anybody following this motto not get rewarded by it.
News Article | January 5, 2010
EMC continues to branch out in areas peripheral to storage, most recently in the data governance, risk and compliance sector. The hardware and software vendor announced on 4 Jan. that it plans to acquire privately held Archer Technologies, a provider of GRC software. Financial details of the transaction were not released, but EMC reported that the deal will not have a material impact on revenue for the full 2010 fiscal year. Archer has about 6 million licensed users and a client list that includes 25 of the Fortune 100, EMC said. Archer makes automated, integrated GRC software for managing corporate policies and objectives for their life cycles. Its products automate, analyse and manage business risks, while helping corporate policies adhere to compliance requirements. Archer’s frontline product is the SmartSuite Framework, which includes management functions controlling management of policies, risk issues, compliance, business continuity and audits. The acquisition is expected to close in the first quarter of 2010. Archer will be melded into EMC’s RSA security division. Thus, EMC obtains another brand of software that establishes, monitors and reports on risk and enforcement policies for physical or virtualised infrastructures or both. “Traditional security management focuses primarily on addressing technology issues, but our customers are telling us that their real challenges are in the areas of policy management, audit and compliance,” RSA President Art Coviello said in a news release. “You can’t manage what you can’t see. The Archer solution not only offers the visibility into risk and compliance that customers need, it brings stronger policy management capabilities to the RSA portfolio. The end result is customers are able to better manage their security programs and prove compliance across both physical and virtual infrastructures, and effectively communicate to the business.” Better centralised management of new-generation data centre features appears to be driving EMC’s acquisition strategy. In May 2009, EMC acquired Configuresoft, a former OEM partner that makes server configuration, change and compliance management software. In August 2009, EMC bought FastScale, whose software optimises image management to enable better performance and scalability of private cloud systems.
News Article | March 2, 2010
SAN FRANCISCO--EMC, RSA, VMWare and Intel have announced a new collaboration to introduce a framework encompassing security and compliance for cloud computing in the enterprise space, revealed key executives. At a media briefing here Monday, before the start of this year's RSA Conference, executives from the various companies detailed plans to utilize Intel's new Westmere processing chip, which will feature a new platform called "Trusted Execution Technology (TXT)". This technology will provide authentication for every step of the boot sequence, from verifying the hardware configurations and initializing the BIOS, to launching the hypervisor, according to the partners. This "trusted computing infrastructure" concept will be based on a hardware root of trust that will come with Intel's latest chip and encryption technology, secure virtualization environment, security information and event management, and GRC (governance, risk and compliance) management software, the companies said in a joint statement. This comes after EMC's January acquisition of Archer Technologies, which provides GRC software. EMC acquired RSA in June 2006 and VMWare in December 2003. "Today, most organizations have little to no visibility of what's occurring within the infrastructure layers of clouds, making it impossible to verify their security," Pat Gelsinger, president and COO for EMC's information infrastructure products, said in the statement. "Together, our companies are demonstrating that internal and external clouds can be visible, measurable and reportable for the secure management of a company's most important business processes." Speaking to ZDNet Asia after the briefing, RSA CTO Bret Hartman noted that the TXT technology is an "expansion" of an earlier Intel iteration known as the "Trusted Platform Module". The TXT was developed specifically for the Westmere processor, he added. "We're putting together all the current physical technologies and infrastructure of EMC, RSA and VMWare and together with Intel's contribution, create a commoditized product that will provide companies a granular, in-depth look into their IT systems in the future," Hartman said. By securing the entire stack down to the hardware, companies can bypass the problems of running their applications over legacy systems and other unsecured hardware infrastructure, he explained. He noted that this system will also enable IT administrators to specify applications that can run over the cloud, and prevent unrecognized software from running on companies' cloud networks, whether public or private. However, no specific product launches have been lined up yet, Hartman said. "Hopefully, we will see products in the market within a year or so," he said. Kevin Kwang of ZDNet Asia reported from the RSA Conference in San Francisco.
News Article | June 27, 2015
NEW YORK and LONDON, April 22, 2015 /PRNewswire/-- OpenFin, the leading provider of HTML5 runtime technology for the financial industry, today announced it has raised $3.0 million in additional financing. The round was co-led by Bain Capital Ventures, Pivot Investment Partners and Nyca Partners, with participation from 20 senior financial industry executives including Cris Conde, former CEO of SunGard and Tom Glocer, former CEO of Thomson Reuters. The funds will be used for product development and engineering team expansion in both New York and London. "Eleven of the world's largest banks and trading platforms are already using OpenFin to run high-performance, multi-window HTML5 applications on sell-side and buy-side desktops," said Mazy Dar, Chief Executive Officer of OpenFin. "We are thrilled to have the support of so many financial industry leaders and entrepreneurs as we scale to meet our customers' needs." OpenFin's technology is aimed at the institutional finance space which has strict requirements around security and performance with an annual IT spend of over $40 billion. "Technology advances in the consumer space have been breath-taking but in the institutional world, bank desktops are still dominated by legacy software," said Hans Morris, Managing Partner of Nyca Partners and former President of Visa. "Banks clearly want to accelerate the development of financial applications, and OpenFin provides the technology to enable that to happen." "Financial institutions face the daunting challenge of reinventing themselves while reducing costs across their global infrastructures," said Dinkar Jetley, co-founder of Pivot Investment Partners and former CEO of Worldwide Securities Services at J.P. Morgan Chase. "Tailored for the financial industry, OpenFin enables significant cost take-out from in-house builds while paving the way for innovation." Based on the Google Chromium open-source project and hardened to meet bank security requirements, OpenFin's HTML5 runtime enables native, multi-window experience, seamless desktop integration with Java / .NET / C++ / Flex, and requires zero install. "We make it easy to build desktop applications that are fast, beautiful, thin, secure and cross-platform," said Chuck Doerr, President and COO of OpenFin. OpenFin also announced the hiring of Jen Collet as COO Europe, Steve Greenblatt as VP of North American Sales, and the appointments of Paul Humphrey and Aron Miodwonik as strategic advisors. Collet was COO of Post Trade Risk at ICAP, a leading markets operator. Greenblatt was a founding member of Liquidnet, a global institutional trading network. Humphrey previously served as CEO of Electronic Broking at Tullett Prebon, a leading interdealer broker, and was Global Head of E-Commerce at ABN Amro. Miodownik previously held senior technology and operations roles at Merrill Lynch and UBS and is currently managing director at Cambrian Consulting. OpenFin anticipates continued hiring to meet growing demand as financial industry firms migrate to HTML5. About OpenFin OpenFin is the leading provider of HTML5 runtime technology for the financial industry. The company's patent-pending software is based on Google's Chromium open-source project and purpose-built to meet the security and performance needs of the financial industry. Founded in 2010, OpenFin is backed by Bain Capital Ventures, Pivot Investment Partners, Nyca Partners and senior executives from the financial industry. The company is a graduate of the First Growth Venture Network, a New York based accelerator, and the FinTech Innovation Lab, an annual program run by the Partnership Fund for New York City and Accenture for early and growth stage companies that have developed cutting edge technology products targeted at financial services customers. For more information, please visit www.openfin.co. Contact: Mazy Dar (firstname.lastname@example.org) About Bain Capital Ventures Bain Capital Ventures is the venture arm of Bain Capital, which has approximately $70 billion of assets under management worldwide. The firm's history of investing in early stage companies dates back to 1984 with over 125 venture investments since inception. Bain Capital Ventures manages approximately $2 billion of committed capital, has over 65 active portfolio companies, and has offices in Boston, New York, and Palo Alto. The firm's history of backing successful IT and software companies includes Solarwinds, LinkedIn, Rapid7, Archer Technologies, Network Intelligence, AppAssure and Gartner. More information is available at www.baincapitalventures.com. Contact: Matt Harris About Nyca Partners Nyca Partners is a venture capital and advisory firm exclusively focused on applying innovation in financial services into the global financial system. Nyca has rich experience and deep connections in both finance and technology, which provides a unique perspective and facility to help entrepreneurs transform payments, credit models and financial infrastructure. For more information, visit www.nycapartners.com. Contact: Hans Morris About Pivot Investment Partners Pivot Investment Partners LLC is a team of CEO-level operating executives who have grown and transformed financial services businesses around the world. The firm works closely with a select set of high-potential financial services and FinTech companies, investing operating expertise and capital in their success and accelerated growth. More information is available at www.pivotinvestment.com. Contact: Dinkar Jetley