RealTime IT News

Identity Security Looks to Command 'Presence'

For each security software company that gets snapped up, another one seems to take its place.

Presence Technology emerged from stealth mode this week with new software to help companies maintain accurate user and content identity data between distributed systems.

The Salt Lake City startup's PresenceID software automatically provisions password management, single sign-on security and compliance reporting across software systems regardless of their code makeup or protocols.

PresenceID ensures that identity synchronization and virtualization tasks are distributed between the identity source systems that originate, delete and edit identities, and the PresenceID Hub Manager and PresenceID Spoke Managers that synchronize, virtualize, manage and integrate user and content identity data.

Presence Technology President and CEO David Doane said PresenceID breaks down the barriers that keep resources, such as files, applications and services, from working with each other within modern legacy security systems from IBM , HP , Sun Microsystems  and others.

"I've got these applications and servers all over the enterprise and I've got the ability for an administrator to come in and set up my entitlements within the sphere of that domain for that application, but I don't have anything that automates that across the entire network," Doane told internetnews.com in an interview.

"Those identity management products are system-centric -- originally designed to work for specific systems and they're hierarchical. That works very well for authentication, but that doesn't work in the Internet world today where we have these massively distributed systems."

Companies have been clamoring for this kind of flexible approach, which closely aligns security federation with service-oriented architecture (SOA)  at a time when distributed computing networks are becoming the norm for the way businesses do business with their partners, suppliers and customers.

Admins can operate PresenceID software from a Web browser.

The software will work with pretty much any host computer, client server network and application, as well as -- and most importantly -- loosely coupled Web services  in a network.

"We're turning identity into a service platform," Doane added.

PresenceID only requires a SQL-compliant database, Java application and standard Web servers to run.

PresenceID will be available from Presence and select integrators in January at $98 per user, per year as a subscription model. Companies pay only for number of users and duration. Presence's will launch by Jan. 1, if not sooner, Doane said.

PresenceID software is the latest product in a growing security software market for managing identities.

IT administrators implement such software to help them organize and manage the relationships between users, content and other IT resources, creating a kind of clearinghouse for identifying entities in an enterprise.

The key with PresenceID is that it provides such value in an automated fashion, obviating the need for IT admins to manually provision access privileges.

Experts believe the market is ripe for buying and selling opportunities. Startup Securent, with its Entitlement Management System software, is also addressing the challenge of provisioning and securing identities as they are created across an enterprise network.

However, security vendors are falling as fast as they rise; yesterday Websense agreed to purchase data-loss prevention startup PortAuthority for $90 million.

In the last few years, HP  bought TruLogica, Oracle  bought Oblix (which in turn bought Gupta's Confluent), Thor and OctetString, among other big fish-little fish plays.

Bigger dominoes fell in 2006, with EMC  acquiring RSA Security and IBM  notching Internet Security Systems.