The day has arrived. Well, once the acquisition closes it will. SAP is an Identity Management vendor. A few days ago, they announced the acquisition of MaXware.
The way the market's been going, it was only a matter of time. For SAP to keep up with the Joneses (namely Oracle), they had to build out their software portfolio. They cannot be considered an enterprise software vendor until they do. They still do not have the reach that Oracle has, but I have a feeling the long term vision is to get there. They will not survive otherwise because Oracle will blow them out of the water.
For so long, SAP has only been able to watch as Oracle gobbled up competitor after competitor as they executed their strategy of becoming the world's biggest software vendor. SAP's cash cow was also beginning to dry up and the executives obviously knew that. The question was what were they going to do about it. You can only rely on revenue from support, services and upgrades to old software for so long. SAP have been fortunate in being able to rely on their dominance of the ERP and CRM space from the 90s. Those days are fast running out and for SAP, it was a matter of evolve or fall way behind. The reason for a customer to buy Oracle over SAP of late has become much more compelling. If you buy SAP, you get CRM and ERP software. Well, they have a Portal, but that's a commodity nowadays. They also have Netweaver, but that's just a fancy name for the infrastructure which supports their web service initiatives. As a customer, I'd get a lot more from Oracle. If I buy an ERP or CRM system from Oracle, I have the support to be able to leverage an Application Server (ok, SAP have one too, but who runs anything on that except SAP?), a Relational Database, Portal, Grid Computing, Identity Management, Business Intelligence etc. Their software stack is much more compelling. Sure, there is integration to be done, but there's more chance of having the integration pieces fit together...or at least be able to kick Oracle if bits don't work.
SAP have been falling behind for awhile and they knew it. Enterprise Identity Management is a must nowadays. You cannot run a mid to large size environment without proper Identity Management. One could even argue that it's on the way to becoming commoditised. In fact, I've suggested in the past that it would sooner rather than later. And who are SAP's major customers? Mid to large size customers!
If a company wants to be considered to be a serious software vendor, they need Identity Management capabilities - much like they needed an application server product in the 90s. We're no longer talking about people that want security. Identity Management has become a business problem. It is also an application development problem. It is also a process problem. The list goes on. I'm not saying anything new here. Those that know this space know that Identity Management projects touch everything in the enterprise. It defeats the purpose of the project if it doesn't...or at least is there isn't a long term plan to have it "hook into" everything and vice versa.
SAP have taken a step towards catching up with Oracle. In doing so however, they've also put themselves in the firing line of IBM (more than before - they already compete in the Portal space), CA, Sun, BMC, HP and EMC/RSA. This now places an interesting dynamic between SAP and the vendors on the list who are key SAP partners. IBM for example, are one of the biggest (if not the biggest) SAP implementation partners in the world. It'll also cause more interesting battles internally within IBM as well, with the services teams potentially being able to choose SAP Identity Management for their customers over IBM Tivoli (they IBM WebSphere guys might be able to identify with this as they probably already went through this with the Portal product). This is of course nothing new for IBM. The services arm of IBM has long had to deal with the wrath of IBM Software Group when they propose a competitor's software solution. This just moves SAP further up the "don't you dare suggest competitive software to your customer" list.
MaXware alone doesn't give SAP the Identity pieces to be a dominant player in this space however. They are a few pieces away from seriously competing with the other big Identity vendors. MaXware doesn't give them access control and authorisation components for example. In fact, I wonder why they didn't go after a company like Courion. They have a more complete solution set. Maybe it really isn't their intention to play in this space (although if it's not, then they have some serious strategy issues).
SAP aren't quite there yet in terms of competing with Oracle from an enterprise software stack perspective. They are also not quite there in the middleware stakes in trying to compete with IBM (and of course Oracle). SAP need a few more pieces before they can seriously challenge the enterprise software accounts of IBM and Oracle and start trying to displace the enterprise software agreements so prevalent in large customers, which is where all the big dollars are. It'll be interesting to see where they head next.
If I were running SAP (not that anyone would ever listen to me), I wouldn't focus so much on the catch up and start to look longer term at what's next on the horizon. Databases are a commodity for example. I doubt SAP will worry about trying to fill that gap. They cannot afford to or they'll be playing catchup forever. Remember, acquisitions are followed by integration and that takes a lot of time and money. They should ignore the commoditised components, fill out pressing customer needs (where it makes sense to) and start to build or acquire the pieces that will be required in the enterprises of 2010. If SAP are still viewed primarily as an ERP/CRM vendor in 2010, they're in real trouble.
I doubt they will ever die. Too many customers have too much invested in SAP deployments around the world. It's sort of like the mainframe. It's still around because it costs too much to move off it. It's cheaper to just build around it. But if SAP don't evolve, they won't grow. They'll just be stuck supporting existing customers and making small amounts of revenue through support and upgrade contracts (comparatively to what they would through making new software sales). Why? Because if they don't grow, new customers will buy Oracle.
Saturday, May 19, 2007
Friday, May 18, 2007
No more Identity?
I've finally relented and have finally gotten myself a job. Living in London is expensive, so I had to eventually :)
While the role I've taken is still in information security, it doesn't focus directly on Identity and Access Management. The focus of my new role will be more data centric. Namely focusing on data usage, monitoring, and leakage prevention. The technology essentially lets you have an enterprise view of what data is being used for which purposes and by whom. It can also enforce operating system level controls to prevent people from performing certain actions on critical or sensitive data. At the very least, everything is being monitored, if not enforced. When I say context, I mean everything from the type of file, what's being done to it and what the contents of the file are. I'm over-simplifying. It does more than that, but I don't want to write an essay. Seeing it in action reinforced my belief in the need for this type of solution in the market. It's actually very cool...and I'm not just saying that.
I won't continue on with the sell job. In fact, I've purposely not mentioned who I work for...at least not yet (if you REALLY want to know, it's not hard to find out if you're web-savvy enough). I don't want to turn the blog into a selling tool. It's MY blog after all...not the company's. I'll just keep writing exactly what I think on here and call things like I see them.
All that being said, I maintain my interest in the Identity area, so I won't stop talking about that. I may just deviate from it now and then...which is not really that different from what I've been doing anyway.
Incidentally, my coverage region is EMEA (Europe, Middle East and Africa). So for those of you in the region, I may be seeing you around :)
While the role I've taken is still in information security, it doesn't focus directly on Identity and Access Management. The focus of my new role will be more data centric. Namely focusing on data usage, monitoring, and leakage prevention. The technology essentially lets you have an enterprise view of what data is being used for which purposes and by whom. It can also enforce operating system level controls to prevent people from performing certain actions on critical or sensitive data. At the very least, everything is being monitored, if not enforced. When I say context, I mean everything from the type of file, what's being done to it and what the contents of the file are. I'm over-simplifying. It does more than that, but I don't want to write an essay. Seeing it in action reinforced my belief in the need for this type of solution in the market. It's actually very cool...and I'm not just saying that.
I won't continue on with the sell job. In fact, I've purposely not mentioned who I work for...at least not yet (if you REALLY want to know, it's not hard to find out if you're web-savvy enough). I don't want to turn the blog into a selling tool. It's MY blog after all...not the company's. I'll just keep writing exactly what I think on here and call things like I see them.
All that being said, I maintain my interest in the Identity area, so I won't stop talking about that. I may just deviate from it now and then...which is not really that different from what I've been doing anyway.
Incidentally, my coverage region is EMEA (Europe, Middle East and Africa). So for those of you in the region, I may be seeing you around :)
Subscribe to:
Posts (Atom)