TechWeb

Startup Of The Week: Aveksa Brings Discipline To Data Access

Oct 26, 2007 (08:10 PM EDT)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=202601674


Data breaches and insider threats -- what's a company to do? Rigorous enforcement of data access policies is part of the answer. Aveksa's software lets IT managers establish data access privileges and manage who gets access to which applications. Business managers, security pros, and compliance specialists collaborate in the process.
--John Foley

AVEKSA

HEADQUARTERS: Waltham, Mass.

PRODUCT: Aveksa Enterprise Access Governance Suite

PRINCIPALS: Deepak Taneja, co-founder and CEO; Dan Peterson, co-founder, VP of field engineering; Jim Ducharme, VP of engineering; Patrick Welch, VP of sales

INVESTORS: Charles River Investors, Pequot Ventures

EARLY CUSTOMERS: Amscan, Cigna, XL Capital

Deepak Taneja, co-founder and CEO, Aveksa

Taneja's Aveksa helps brings order to chaos


THE NAPKIN PITCH
Data access management is a best practice in IT governance. Data access privileges, or entitlements, are determined by an employee's "role." In large companies, there can be thousands of roles and billions of entitlements, and they change constantly. Aveksa brings order to this chaos, reducing risk while helping companies comply with regulatory requirements.

WHAT IT'S NOT
Aveksa's software is not a security application. It leaves identity management, authentication, authorization, and provisioning to products designed for those purposes. CEO Taneja refers to such tools--sold by CA, IBM, Sun, Netegrity, and others--as the security-enforcement layer. They control user access to information. Aveksa's software is a governance layer that complements such gatekeeping tools. Says Taneja, "We think of it as a business application that deals with security data."

BACKGROUND
CEO Taneja was formerly CTO of ID management vendor Netegrity, acquired by CA in 2004. Ducharme, Welch, and other members of Aveksa's management team are of Netegrity-to-CA lineage.

WHAT'S NEW
The Aveksa 3 suite, due for release in November, comprises two applications. An update to the existing Aveksa Compliance Manager--which automates monitoring of and reporting on user access rights--features enhanced detection of identity changes and new capabilities for change management and auditing. The new Aveksa Role Manager lets security pros, compliance personnel, and business managers work together in defining roles; capabilities include role discovery, modeling, and certification.

TIMELINE
Timeline Chart

Read InformationWeek's Startup City blog