... you're waiting for an identity management acquisition and then along come three at once. This time it's IBM which has acquired 40-person, privately-held Encentuate. If you think that Ecentuate's size is indicative of gap-filling motivations from IBM then you'd be right. The 7-year old company is a specialist in enterprise single sign-on (ESSO), which until now has been provided through IBM's OEM relationship with Passlogix. Clearly, owning rather than OEMing technology gives IBM greater control of its ESSO destiny - particularly as Encetuate is Java-based which should help with integration with the broader Tivoli identity management portfolio. In fact, during the announcement briefing the two companies explained how Tivoli Identity Manager is already able to manage Encentuate provisioning (although there are no production customer deployments). This is presumably the result of work that IBM Global Services did with Encentuate at the Singapore Government: the two companies weren't technology partners.

Having said this is largely about filling gaps in the IBM identity management portfolio, Encentuate does bring more than ESSO to the IBM table. The company has done a good job of integrating with a variety of strong authentication solutions and has a rather nifty ability to take physical access tokens (door swipes and so forth) so that they can be used as second authentication factors. Encentuate also has some neat audit and compliance capabilities which IBM will undoubtedly tie into the Tivoli Compliance Insight Manager (based on the acquisition of Consul in late 2006). In addition to the technology upside, Encentuate could also help IBM in the healthcare market, where smaller players such as Imprivata and Sentillion have done quite well: there's a good smattering of healthcare customers amongst Encentuate's 80.

Overall a smart acquisition by IBM. I am not so sure whether IBM's Tivoli Access Manager for Enterprise Single Sign-on customers will be quite so happy though. The company has committed to continued support but the next iteration of the product is going to shift from Passlogix to Encentuate. IBM will make it attractive for them to move but replacing identity and security solutions is, by definition, a risky business and I am sure they will have to carefully balance the risks of moving against those associated with sticking with a product which is not going to see further development.