Identity management and single sign-on technologies have a tainted history in Australia, according to Imprivata's Asia-Pacific regional manager, Anton Baranyay. But greater security and compliance requirements are opening new doors for authentication technology, he claims. Baranyay spoke to ARN about general security market trends as well as the vendor's single sign-on technology and channel plans.
What does your role entail?
As we are new to this region, my role is primarily around building channels, business development and finding customer opportunities.
How is your channel set up?
We work through distributors like Unixpac who represent us in the marketplace, and go out to market through their channel partners. We have a few channel partners as well.
What is Imprivata's market proposition?
Because ours is a new product, and a new type of product in the single sign-on marketplace, there are opportunities for partners to make larger margins than they would if they were working with more established hardware appliance vendors.
As an organisation we also focus quite heavily on having resources available to support our channel partners, such as marketing tools and established programs. It's a two-pronged approach: we certainly don't expect our partners to go out and work out how to do this completely on their own.
What are you doing to build your market presence?
We've got to find user opportunities, and we've got to find channel partners. Our initial focus was on branding and getting our name out there, and then getting feedback around who's interested at looking at our product and representing it. We also have media campaigns to generate leads both in the channel and with users.
What challenges do you face growing local sales?
One thing that is obvious to me in the Australian market is that single sign-on has a tainted reputation. There have been vendors trying to do projects for a long time, but some of the system integrators I've been speaking to have found projects haven't gone very well. The technology is too complex, too expensive and old. Our product is packaged as an appliance so it can be deployed quickly and easily. For a customer this means they plug boxes in. If one box fails, there's another one to take its place.
The second major benefit about the product is that it is non-invasive. A customer can implement the product without having to go through the processes of deploying onto directory infrastructures with schema extensions and the equivalent. Thirdly, the actual product and the agent itself is packaged as a single deployment. Many of our competitors require users to deploy multiple components on the desktop side.
What trends are you seeing in the security space? I think identity management is one of the areas of IT security that hasn't got enough focus in Australia. What's clear is that there are password issues in all organisations - major banks through to healthcare organisations, utilities providers and government, are struggling to address those issues. So there's an opportunity for modular-based products to come and fix those pain points.
A second trend I'm seeing is convergence of security technology. Our physical/logical integration module links network authentication and building access.
Why has it taken so long for the market to adopt single sign-on?
The pain point has been there for a long time, but the technology hasn't been able to stand up to requirements. I think if you look back, there have been vendors in this market since the early 1990s trying to do single sign-on. Typically, those vendors have been snapped up or become OEM partners for the big system integrators, but the underlying technologies are more legacy-based and focused more on scripting. We shipped our first product in 2004, so we've developed a new product built on XML code. The process of doing single sign-on is now drag-and-drop and can be handled by non-development resources.
How do see the security market evolving?
If you speak to an IT resource at a major institution, they will have a broad spectrum of things to consider. There are more stringent regulations and considerations around IT risk and compliance coming to Australia. What we're going to do in the short term is use the focus and explosion of interest in compliance, security and improvements of access to data on company networks to bring our product into the market.