Why SAP purchased MaXware

* SAP consolidates its identity practice

I expected one trend this year to be a continuance of the consolidation that’s been occurring over the past couple of years, the “convergence of vendors,” as I mentioned last January. Last week’s announcement that SAP had acquired MaXware is simply the latest occurrence.

This wasn’t SAP’s first acquisition in the identity arena. Last year SAP purchased Virsa Systems, a participant in the governance, risk management and compliance area of identity management. Some thought at the time that SAP would need to make further acquisitions in order to fully integrate Virsa’s technology – or to develop a fairly comprehensive identity practice of its own.

The major driver for SAP, of course, is the competition from Oracle. When Larry Ellison annexed PeopleSoft, after PeopleSoft acquired J. D. Edwards, the battle line was drawn. Oracle’s successful integration of its identity management acquisitions - Phaos Technology, Thor Technology, OctetString and others - meant that SAP would have to acquire or develop similar technology or forever be on the defensive, or subject to the mercies of technology partners, when competing with Oracle for customers.

MaXware had been up for sale for a while. Maybe not actively, but it was known that the right offer would be accepted. Some people are saying that SAP simply bought the identity management vendor that offered the best price and easiest acquisition. While that might have been part of the equation, I think the nature of MaXware’s business was at least as strong a reason. MaXware was one of the tiny number of independent virtual directory companies left (there’s still SymLabs and Radiant Logic as well as the open source Penrose Project). This validates the theory (OK, MY theory) that governance, risk management and in particular, compliance, can’t be effectively implemented without a virtual directory.

Some will point to MaXware’s provisioning services and say SAP needed them to counter Oracle’s purchase of Thor. That’s true, but not the deeper reason which is that provisioning – just like compliance – requires virtual directory technology.

The directory is the base for identity, and the virtual directory is the mechanism for tying the various parts of identity together. SAP has made the effort to begin to consolidate its identity practice; time will tell if it can make anything of it.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT