Startup Of The Week: Aveksa Brings Discipline To Data AccessStartup Of The Week: Aveksa Brings Discipline To Data Access
New application lets security pros, compliance specialists, and business managers collaborate in roles-based governance.
October 26, 2007
Data breaches and insider threats -- what's a company to do? Rigorous enforcement of data access policies is part of the answer. Aveksa's software lets IT managers establish data access privileges and manage who gets access to which applications. Business managers, security pros, and compliance specialists collaborate in the process.
--John Foley AVEKSA HEADQUARTERS: Waltham, Mass.
PRODUCT: Aveksa Enterprise Access Governance Suite
PRINCIPALS: Deepak Taneja, co-founder and CEO; Dan Peterson, co-founder, VP of field engineering; Jim Ducharme, VP of engineering; Patrick Welch, VP of sales
INVESTORS: Charles River Investors, Pequot Ventures
EARLY CUSTOMERS: Amscan, Cigna, XL Capital
THE NAPKIN PITCH Data access management is a best practice in IT governance. Data access privileges, or entitlements, are determined by an employee's "role." In large companies, there can be thousands of roles and billions of entitlements, and they change constantly. Aveksa brings order to this chaos, reducing risk while helping companies comply with regulatory requirements. WHAT IT'S NOT Aveksa's software is not a security application. It leaves identity management, authentication, authorization, and provisioning to products designed for those purposes. CEO Taneja refers to such tools--sold by CA, IBM, Sun, Netegrity, and others--as the security-enforcement layer. They control user access to information. Aveksa's software is a governance layer that complements such gatekeeping tools. Says Taneja, "We think of it as a business application that deals with security data." BACKGROUND CEO Taneja was formerly CTO of ID management vendor Netegrity, acquired by CA in 2004. Ducharme, Welch, and other members of Aveksa's management team are of Netegrity-to-CA lineage. WHAT'S NEW The Aveksa 3 suite, due for release in November, comprises two applications. An update to the existing Aveksa Compliance Manager--which automates monitoring of and reporting on user access rights--features enhanced detection of identity changes and new capabilities for change management and auditing. The new Aveksa Role Manager lets security pros, compliance personnel, and business managers work together in defining roles; capabilities include role discovery, modeling, and certification. TIMELINE Read InformationWeek's Startup City blog
About the Author(s)
You May Also Like