Moving to strengthen its position as a vendor of secure enterprise communications solutions, Secure Computing (NASDAQ: SCUR) announced Wednesday the acquisition of Securify, which provides identity-based monitoring solutions tying user behavior on the network to business systems.
The combination of the two companies’ technologies will let users detect unauthorized behavior on corporate networks in real time and shut it down automatically. “The Securify piece tells you what people are doing; our piece lets you do something about it,” Secure Computing vice president of global technical strategy Scott Montgomery told InternetNews.com.
Secure Computing will pay about $15 million for the purchase. If Securify meets its revenue goals for the fourth quarter of 2008 and for 2009, Secure Computing will pay out another $5 million, Montgomery said.
The acquisition is expected to close in the fourth quarter of this year subject to certain conditions. Securify brings the capability of real time monitoring and logging “in addition to its immediately profitable business,” Secure Computing president and chief executive officer Dan Ryan said in a conference call after announcing the purchase.
News of the purchase at 4 p.m. ET sent Secure Computing’s share prices, which had fallen to below $4.40 earlier in the day, up to close at $4.53. That was a one-cent gain over the opening price, but a far cry from the 52-week maximum of $10.54.
Secure Computing’s purchase of Securify follows the sale of its Secure SafeWord authentication product line to information security company Aladdin Knowledge Systems (NASDAQ: ALDN) in July. The transaction will be completed this month.
By selling Secure SafeWord and buying Securify, Secure Computing said it’s focusing on its core competencies. “Our core business is protecting communications, and this strong authentication device was not a fit,” Montgomery said about the sale to Aladdin. “We had to do additional training, train channel partners, and it was never core to our strategy.”
Buying Securify lets Secure Computing keep up with changes in the business and technology environments. “As people extend their networks into IPv6
Tapping business policies in Microsoft’s Active Directory
That evolution moves away from static policies governing security to dynamic ones created by tapping business policies already in Microsoft (NASDAQ: MSFT) Active Directory, Montgomery added.
The connection to Active Directory is where Securify’s strength lies. Enterprises store their business rules in directories, and many use Active Directory. Securify leverages the business rules to drive security policies, instead of making corporate IT create security policies from scratch based on business rules. Then, when a breach is discovered, it immediately notifies one of Secure Computing’s firewall products, which automatically will shut down the affected system.
This will strengthen protection against insider breaches, which are increasingly becoming a source of concern. “If a guy in sales is banging on customer data and sales information that doesn’t belong to him, I want to shut him down,” Montgomery said. “I don’t care if he’s been spear phished; do your forensics after he’s been shut down.”
Spear phishing is a targeted form of phishing, which is an attempt to get sensitive information by using someone else’s identity. Salesforce.com was hit by a wave of spear phishing attacks in November.
“Enterprise companies have spent billions of dollars in fleshing out, testing, rolling out, propagating, synching their Active Directories,” said Montgomery. “We help organizations map their security to their business through Active Directory.”