Last week I attended the monthly CTO Council meetings, in which technologists from many of EMC's different business units fly or dial in to discuss the latest internal developments in their area of expertise. Earlier in December I attended the ITAC (Industry Technical Advisory Council), a customer forum where EMC technologists and customers plan and discuss future technology trends.
These gatherings are a great place to network with many of the brightest minds for any given segment of the information industry. It reminds me of the many acquisitions that EMC has made this decade (nearly 50). As the decade winds down and the year flips from '09 to '10, I began to wonder which acquisition could be tabbed as EMC's "best of the decade".
How would "best" be measured? In the late 90s, I was an employee at one of the companies being acquired (when EMC bought DG). Certainly DG CLARiiON was hugely successful from a revenue standpoint. Another acquisition from the 1990s (Conley) did extremely well revenue-wise in terms of hundreds of thousands of PowerPath licenses.
Revenue impact favors those acquisitions that were made earlier in the decade. Filepool is an example of an acquisition that resulted in hundreds of millions of dollars in Centera revenue. Documentum is another example of an early-in-the-decade acquisition that has had resulted in many years of revenue generation. Using this formula makes it tough to gauge the impact of the Data Domain acquisition, for example (which has already started to effect the bottom line). VMware would be an excellent candidate based on revenue.
I arrived at my vote while attending the recent ITAC and CTO Council meetings. At both sets of meetings there was one topic that dominated every discussion and customer direction: security. In my mind the most impactful acquisition that EMC made this decade was the 2006 acquisition of RSA.
When I first heard about the acquisition I thought to myself: "2+ billion dollars? We're going to have to sell a ton of those RSA Key fob thingies". All kidding aside, I knew that information security was critical, but it seemed like a lot of money at the time.
Over three years later, the value and impact of RSA has been significant. I don't know what the revenue impact has been, but as an engineer I've seen the following benefits:
From Data to Information
The acquisition of RSA really cemented the transition of EMC from a "data storage" company to an "information" company in my mind. Certainly acquisitions like Documentum made it clear that EMC was entering new markets that were much more "information-aware". EMC's sweet spot had always been building storage devices that securely store and retrieve huge amounts of data bits, and software like PowerPath that could route data bits through a SAN. The RSA technology (and technologists) focus on issues such as securing information transactions between producers and consumers, as well as securing information from intrusion of storage systems and SANs.
Portfolio Penetration
I can't think of another acquisition that has made so many inroads across the entire EMC product portfolio than RSA. A post-acquisition, reusable "security library" now ships inside of several EMC products. Symmetrix has built-in RSA support. Centera and RSA Envision are certified together. PowerPath supports encryption via the RSA key server. Many products have deployed common sign-on and authentication using an RSA toolkit. The RSA technology has cut across internal development teams and products.
Cloud Security
Every time I participate in forward looking customer sessions about cloud, a technologist from RSA is always involved. I see two key areas of RSA's impact in the cloud (there are many more than two, but these two are critical):
- VDI: Virtual Desktop Infrastructure. As desktops convert to dumber display devices, the security threats move from the remote user site to the virtualized data center that is supporting VDI. The architecture for VDI includes RSA Key Fobs, RSA integration with security technologies such as Active Directory, and RSA gathering and analysis of auditable events via RSA enVision.
- Cloud Cartography: One advantage of hypervisors is their ability to host multiple guest operating systems and reduce the number of deployed servers. In a cloud environment, however, multi-tenancy implies multiple guests with different business goals. Some of these guests can represent the business goals of the "dark cloud". Are hypervisors designed to prevent evil guests from snooping on co-resident VMs? Not necessarily. RSA is right in the middle of securing this vulnerability.
I haven't done justice to all of the cloud security aspects that RSA targets (please leave comments if you'd like to add more). It's clear, however, that RSA is a major piece of the cloud puzzle.
The Research Impact
The final reason for choosing RSA as the acquisition of the decade has to do with the team of people that came along with the RSA technology. They bring with them a strong research bent, the proficiency to publish papers, an involvement with academia, a willingness to lecture inside and outside of EMC, and the ability to influence product groups and customers with next generation directions. Their scope extends externally as well. Brett Hartman of RSA was recently selected as the newest EMC Fellow. Burt Kaliski runs EMC's Global Innovation Network. Cryptographer (and author) Ari Juels is speaking at the 2010 FAST Conference.
In a nutshell, the RSA acquisition has me feeling fairly secure ;>). The price tag was worth it, and will continue to be worth it. The people that came with the team are the biggest asset (there are many more folks that I haven't mentioned in this post).
I'd be interested in hearing any customer feedback on the influence of RSA in their own deployments. And of course, I'd appreciate any comments and/or other thoughts about the "acquisition of the decade".
Steve
http://stevetodd.typepad.com
Twitter: @SteveTodd
EMC Intrapreneur