DLP and e-discovery: two sides of the same governance coin?

We commented recently on Symantec’s acquisition of cloud archiving specialist LiveOffice. The announcement also afforded Big Yellow an opportunity to unveil what it calls “Intelligent Information Governance;” an over-arching theme that provides the context for some of the product-level integrations it has been working on. For example, it just announced improved integration between its Clearwell eDiscovery suite and its on-premise archive software, EnterpriseVault (stay tuned for more on this following LegalTech later this month).

There’s clearly an opportunity to go deeper than product-level ‘integration,’ however.  In a blog post, Symantec VP Brian Dye raised an issue that we have been seeing for a while, especially among some of our larger end-user clients. In the post, Brian discusses the fundamental contention that all of us – from individuals to corporations to governments — face around information governance — striking the right balance between control of information and freedom of information.

Software has emerged to help us manage this contention, most typically through data loss prevention (DLP) tools – to control what data does and doesn’t leave the organization — and eDiscovery and records management tools, to control what data is retained, and for how long. Brian noted that there is an opportunity to do much more here by linking the two sides of what is in many ways the same coin, for example by sharing the classification schemes used to define and manage critical and confidential information.

This is an idea that we have discussed at length internally, with some of our larger end-user clients, and with a good few security and IM vendors. Notably, many vendors responded by telling us that, though a good idea in principle, in reality organizations are too siloed to get value from such capabilities; DLP is owned and operated by the security team, while eDiscovery is managed by legal, records management and technology teams. While some of the end-users we have discussed this with are certainly siloed to a point, they are also working to address this issue by developing a more collaborative approach, establishing cross-functional teams, and so on.

A cynic would point out that some self interest might be at play here too from a vendor perspective; why sell one integrated product to a company when you can sell them essentially the same technology twice. But of course, we’re not the remotest bit cynical (!)  There is also the reality that at most large vendors, product portfolios have been put together at least in part by acquisitions.  Security and e-discovery products may be sold separately because they are, in fact, separate products with little to no integration in terms of products or sales organizations.  And vendors may not yet be motivated to do the hard integration work (technically, organizationally), if they are not seeing consistent enough demand from consolidated buying teams at large organizations.

Wendy Nather, Research Director of our security practice, notes that such integration is desirable;

– Users don’t WANT to have meta-thoughts about their data; they just want to get their work done, which is why it’s hard to implement a user-driven classification process for DLP or for governance.  The alternative is a top-down implementation, and that would work even better with only one ‘top’ — that is, the security and legal teams working from the same integrated page.

However, Wendy also notes that such an approach is itself not without complexity;

– Confidential data can be highly contextual in nature (for example, when data samples get small enough to identify individuals, triggering HIPAA or FERPA); you need advanced analytics on top of your DLP to trigger a re-classification when this happens.  Why, you might even call this Data Event Management (DEM).

It’s notable that Symantec is now starting to talk up the notion of a unified, or converged approach to data classification. Of course, it is one of the better-positioned vendors to take advantage here, given its acquisitions in both DLP (Vontu in 2007) and eDiscovery (Clearwell in 2011), while LiveOffice adds some intriguing options for doing some of this in the cloud (especially if merged with its hosted security offerings from MessageLabs).

Nonetheless, we look forward to hearing more from Symantec — and others — about progress here through 2012. Indeed, if you are attending LegalTech in New York in a couple of weeks, then our eDiscovery analyst David Horrigan would love to hear your thoughts. Additionally, senior security analyst Steve Coplan will be taking a longer look at the convergence of data management and security in his upcoming report on “The Identities of Data.”

In other words, this is a topic that we’re expending a fair amount of energy on ourselves; watch this space!

Quick HP-Autonomy thoughts

Just after the HP call about its Q3 numbers and the deal, here’s my initial (very) quick take as it’s late here in London:

  • This deal is about getting serious about software under Leo Apotheker. It gives HP a real information management story, greatly boosting its presence in the archiving, e-Discovery and enterprise search businesses.
  • However, company cultures are not complementary, the HP way is a long way from the hyper-aggressive sales and marketing culture at Autonomy. Maintaining Autonomy as a separate entity run by Mike Lynch proves this and calls into question how much real synergy can be had from such a structure. I cannot see that being sustained.
  • This instantly makes HP a bigger e-Discovery player than IBM or any of the major IT firms.
  • Product overlap exists in document and records management but gets HP into the web content management and website optimization markets.
  • Autonomy has resisted deals over the years as its market capitalization ballooned as it went on its own acquisition binge. Autonomy couldn’t have waited much longer as it would have grown too big to be swallowed by even the largest predator.
  • At least Autonomy customers will now have a services organization to call on after they’ve bought the software. Customer support and after sales service has not been a strength of Autonomy.
  • This leaves the FTSE 100 with just one software firm of note.

3PAR’s rocketing valuation; belief, scarcity and little bit of luck

I had the opportunity to meet up with David Scott, CEO of 3PAR, the current belle of the ball in storage as the bidding war between HP and Dell continues to intensify (read our analysis of the deals for free by clicking here). Though discussion of any details concerning the acquisition process was strictly off limits, Scott provided some interesting color on why he believes the battle for 3PAR is taking his company’s valuation to unprecedented levels.

Actually, our conversation was a continuation of a discussion that we began over dinner at 3PAR’s analyst event in California a few weeks ago. During that discussion I asked Scott why 3PAR hadn’t yet been acquired; his response pretty much described the events that are now playing out. Scott believed there was in effect a Mexican stand-off taking place; multiple vendors would potentially be very interested in making a bid for 3PAR, but a fear of being outbid – and losing out – was holding them back. Thus, for the time being it was generally in all potential suitors’ best interests for 3PAR to remain independent.

Why Dell decided to break rank and shoot first is not entirely certain at this point — though HP losing its CEO may have been a trigger — and was certainly not on the menu for discussion with Scott. But the CEO was more forthcoming on the reasons for this fear of being outbid, which are rooted in 3PAR’s scarcity; ie the belief that there is no viable alternative acquisition target to 3PAR. The bidding war that has played out since Dell made its first offer would appear to support this. Why? Scarcity seems like a crazy assumption to make in an industry that is constantly spitting out new startups.

Scott’s reasoning for this scarcity has both demand-side and a supply-side dimensions, both of which have taken a couple of turns of the IT cycle to come to fruition. On the supply side; cast your mind back a decade, and the IT world was alive with the prospect that ‘xSPs’ (especially storage service providers and application service providers) would play a transformative role in delivering IT as a service; Cloud 1.0, if you like. What these xSPs required was a way of building these services on a scalable, secure and shared technology infrastructure. Unfortunately for SSPs such as Storage Networks, the infrastructure components to build such a stack were not available, and the entire model collapsed under the weight of having to build dedicated systems for each customer.

But the promise of the xSP model was also the catalyst for innovation at all levels of the IT stack. There was nothing inherently wrong with the model of IT-as-a-service – it was, and remains, highly attractive. What was needed was a new underlying architecture that could provide the required scale and flexibility as cost effectively as possible, such as blade servers, virtualization software and ‘utility’ storage.

Thus, as interest in the xSP model began to build, VC money started to flow into storage startups developing ‘carrier grade’ platforms; in particular Cereva Networks, Yotta Yotta, Zambeel and 3PAR. Only one of those companies managed to make a go of it; the rest succumbed to the same burst bubble that did for the xSPs. Cereva (which had raised almost $140m in VC funding) collapsed in 2002, Zambeel (which raised around $66m) closed its doors in 2003, while the assets of YottaYotta  (which took in around $100m) were eventually acquired by EMC.

As the only remaining player in this new generation of high-end storage platforms, Scott says 3PAR was in a unique position. Perhaps even more crucially, these failures meant VCs were now loath to invest in high-end storage startups; even if the next “3PAR killer” came along, it would have struggled for funding. Instead, VCs turned their attention to startups targeting the mid-range storage market – LeftHand Networks, EqualLogic, Compellent, Pillar — which was growing much more quickly than the now-slowing high-end space.

Scott admits 3PAR came under pressure to target the mid-range space more aggressively (and it did release smaller versions of its InServ arrays), but the company’s core efforts remained on the high-end, with a continuing focus on direct-, rather than channel-based, sales. Scott and his team remained as convinced as ever that ‘utility’ computing was real, and would eventually pay dividends via 3PAR’s scalable storage platform.

In particular it found traction with the next generation of service providers –such as managed hosting providers and telcos – that, subscribers to the cloud model attest, will collectively host the vast majority of the enterprise IT workloads of the future. Indeed – and this is where the demand-side argument comes in – the post-recession reality for organizations of all types and sizes – from financial services giants to local government offices – is that they are looking for more cost effective methods of running their IT processes.

These service providers differentiate themselves on quality of service and cost, and the only way of achieving this – according to Scott – is through best of breed IT infrastructure. Scott and co have made much of the fact that seven of the ten largest service providers by revenue are 3PAR customers, and we’re sure this point is not lost on HP, Dell or any other would-be acquirer.

Of course, with hindsight it’s easy to make the facts fit a story, but we’d note that 3PAR‘s own strategy and messaging has scarcely changed since day one. 3PAR has always targeted ‘utility’ computing, and has stuck with the term as the rest of the industry dispensed with what to them was just the latest buzzword (for proof, see the first research report (451 clients only) we wrote on 3PAR, back in 2002). Indeed, for 3PAR and Scott, delivering IT as a utility is an integral part of its proposition; it gets to the core of why the company believes it is different, and why (at least) two giants of the industry are prepared to pay well-over-the odds to own.

Why Autonomy won’t – or shouldn’t – buy Open Text

At the time of Autonomy’s Q2 results last week, a fair few commentators said an acquisition of Open Text was imminent. We know that a large deal is imminent and the enterprise value of Open Text (OTEX) is in Autonomy’s ball park. Plus OTEX – itself a roll-up machine somewhat akin to Autonomy –  isn’t exactly in the rudest of health right now.

On the earnings calls CEO Mike Lynch said Autonomy’s next major acquisition would not be done to buy growth (we have already expressed our thoughts on that), nor would it be done simply because the price is right. It would have to be a strategic move, a game-changer. Well, OTEX isn’t that, in our mind at least. So what would such a deal give Autonomy?

Sure, it would give it practically all the document management business in the legal sector. But so what? Autonomy already has a lot of that via its Interwoven acquisition. It would also bring with it yet more overlapping content management products and a collaboration business being eaten by SharePoint. On the plus side, it would roughly triple Autonomy’s customer base to about 65,000 organizations.

Of course, I could be completely wrong and August 18 could be the date on which that is proved, as it’s OTEX’s Q4 results announcement. That is, if SAP hasn’t got there first.

Still, Tibco or Informatica make far more sense to us as truly strategic acquisitions for Autonomy. But of course, in order to buy something you have to find a willing seller, and we’re not so certain those sorts of companies relish the prospect of ending up inside Autonomy as much as a company that has few other choices might do.

Thoughts on OTEX + VIGN

Open Text discussed its acquisition of Vignette on its earnings call this afternoon.  The stated rationale is:

  • Add last remaining major ECM play to Open Text’s portfolio.
  • Access to Vignette’s customer base, improve service and support (i.e., try to stabilize maintenance revenue).
  • Cross-sell opportunities.

My thoughts:

  • None of the above is particularly compelling.
  • Open Text loves a bargain and apparently this one was too good to pass up.  Backing Vignette’s cash and short-term investments out of the deal, Open Text only paid 1x Vignette’s trailing twelve-month revenue.
  • Open Text will maintain Vignette much as it has Hummingbird – keep the products mostly separate, try to hold onto the maintenance stream, cut Vignette’s costs.
  • I don’t buy into product or technology-based reasons for Open Text wanting to own Vignette.  There’s tons of overlap.
  • There will undoubtedly be some Vignette vs. RedDot struggles at Open Text over which is the WCM line of choice.  Interesting since WCM is only a sideline for Open Text in the big ECM picture anyway.
  • A bargain can still bring headaches and there will be WCM competitors lining up to benefit from uncertainty (not that many WCM players seem to spend much competitive energies worrying about Vignette these days).

Our full deal analysis is available for 451 clients.

M&A in ECM this week and a look ahead

We covered two small acquisitions in the ECM realm this week (for 451 Group clients, our TechDealmaker service has (or will have shortly) the full deal analysis reports),  Open Text’s purchase of the file format viewing division of Spicer Corp. for $12m and Hyland Software’s Liberty IMS buy for an undisclosed sum.

Neither of these deals, which are both small, is all that interesting in and of itself.  Open Text is getting a bit of technology to view CAD files, large schematics and other large and complex files without having the software used to create those files installed locally.  This is a good addition to Open Text’s line, particularly as it looks to sell more vertically-customized apps in markets like energy and construction.  Hyland has purchased a small competitor in the SMB market, mostly to expand its customer base in a few key verticals.

What is interesting about these deals, aside from the fact that they closed on the same day at a time when acquisitions aren’t exactly booming, is that they both come from independent ECM vendors looking to carve niches for themselves in a market increasingly dominated by the likes of IBM, Microsoft, Oracle and EMC (though Hyland is majority-owned by PE firm Thoma Cressey Bravo).  Both have indicated that there will be more acquisitions ahead as they look to secure their positions and future acquisitions by both vendors are likely to be more of the same.

Open Text and Hyland operate on different scales — Open Text’s revenues in calendar year 2007 were $677.8m while Hyland’s were $104m.  Open Text is also securely in the enterprise market while Hyland plays more at the mid-tier and in the SMB market, though the two do compete sometimes in government accounts and for accounts payable apps.

Hyland appears to be  more aggressively on the acquisition trail at the moment, noting as part of the Liberty IMS announcement that plans are to “more than double our size in the next three years” via both inorganic and organic means. But Open Text has also indicated repeatedly that it will do ‘tuck-in’ technology buys, like the Spicer acquisition.

Open Text and Hyland aren’t the only independent ECM vendors remaining nor the only ones likely to make acquisitions in the near future.  Interwoven and Vignette are also here.  Both made technology buys in the past year, Interwoven bought multivariate testing vendor Optimost for $51m last October and Vignette parted with just $7m for the assets of video delivery service Vidavee in April.  These buys indicate that these two are more interested in Web content management (WCM) at the moment, even though both have broader product lines, and future buys will most likely continue to fill out WCM portfolios.  This is in contrast to Hyland and Open Text, who are both likely to stay more to document management, records management and BPM-related acquisitions.  But none of these vendors is likely to make a major buy.

That said, these vendors themselves are perennial potential acquisition targets. Thoma Cressey Bravo may be fattening Hyland up for an eventual sale, but it will likely look to consolidate more of the mid-tier ECM market first.  But the others – Open Text, Interwoven and Vignette – could themselves be up for grabs by giants like SAP or HP.  In either case, we’re far from done with ECM acquisitions.

Our take on M&A in enterprise search

I’ve gathered all my current thinking on potential M&A in enterprise search in a SectorIQ that we published earlier this week to our customers. In it, I look at four main potential targets plus a few other small ones and look at a few of the likely acquirers. (This is the way we write all our Sector IQs, btw and they’re a great way of getting a quick grasp on what might be coming down the pike in any particular sector of the IT industry)

Fortunately those of you that are not our customers (yet!) are able to read it via our arrangement with the New York Times DealBook section. Click here to see the NY Times posting or go here to go straight to the report – and while you’re there, sign up for a trial of our M&A KnowledgeBase, where we’ve been collecting details of every IT, internet and telecoms deal since the start of 2002!

Finally, a quick word about the headline. We like to have some fun here at 451 with these things and while I appreciate that this one might have been pushing things a little in terms of clearly explaining what the report was about, when else would I be able to use it? 😉