Does IBM i Need Independent Security Vendors?
February 7, 2018 Alex Woodie
Over the past 10 years, the number of independent IBM i security vendors has dwindled as bigger companies backed by deep-pocket investors scooped up smaller firms. Today there are only a handful of security firms that HelpSystems and Syncsort (Vision Solutions) have not acquired. We chatted with the heads of those companies to hear their thoughts on the matter.
HelpSystems has been the biggest force for consolidation in the IBM i business, completing over a dozen acquisitions since it kicked off a decade-long buying spree with its acquisition of ASC back in October 2006. Many of HelpSystems’ deals involved IBM i security software firms, including:
Linoma Software – June 2016
Tango/04 Computing Group — February 2016
Skyview Partners — June 2015
Halcyon Software — January 2015
Safestone Technologies — June 2012
Bytware — September 2008
PowerTech Group — August 2007
Vision Solutions has been a late arrival to the IBM i security consolidation party, but it has moved quickly, buoyed by a belief that high availability and security share similar aspects, both from a business and technological point of view. Just after it announced the deal to buy Enforcive (formerly BSafe) last summer, the company was merged with Syncsort. Then in December 2017, it added Cilasoft and its IBM i security and auditing tools.
That leaves just a handful of independent IBM i security software firms not owned by HelpSystems or Vision/Syncsort, including Raz-Lee Security, Townsend Security, Kisco Information Systems, and Trinity Guard.
Patrick Townsend, the CEO and founder of Townsend Security, says the consolidation can either be good or bad for IBM i customers.
“I think that consolidation in the IBM i space is inevitable given the state of the market,” Townsend tells IT Jungle. “Whether it is good or not depends on the business model and attitude of the consolidators.”
Townsend, whose firm is a leader in development of native IBM i encryption and tokenization solutions, says he gets contacted by venture capital and private equity firms about potential deals nearly weekly. “I’m sure that is true for all of the ISVs in the IBM i space,” he says. “No one should be surprised by that.”
That’s not changing how he approaches business, however. “The things I focus on are: How can we better serve our customers? How can I better serve and honor our employees? What innovations do we need to pursue to help make our customers and their stakeholders more secure?” Townsend says. “If we stay passionately focused on doing what’s right, everything else will take care of itself.”
Shmuel Zailer, the CEO and founder of Raz-Lee Security, says his company is not currently for sale. “Everybody has a price tag,” he adds. “But I don’t see myself working for anyone else. I see myself continuing to develop software and doing it with the good mood that we have, investing in new methods and new products, and not have to report to somebody to justify it.”
Zailer says that the fewer number of independent IBM i security software vendors there are left in the market, the more innovation on IBM i security will stagnate and fall behind other platforms. He uses the Authority Collection functionality introduced in IBM i 7.3 nearly two years ago as an example. Raz-Lee unveiled a product called Authority Inspector last year, but says he’s not seeing a big push by established vendors to support the technology.
Trinity Guard is the exception to the rule. The company, which was founded several years ago by the original developers of the highly respected PentaSafe product that languished under NetIQ and Micro Focus, is looking to establish itself as an innovator in a shrinking market. In fact, Trinity Guard supported Authority Collection with its TGAudit solution just as IBM shipped the new OS, according to the company’s co-founder, Tony Perera.
Overall, the industry consolidation “is a bad thing for customers,” Perera says. “In a typical merger, one vendor’s products get neglected or end-of-lifed, and you could end up with out-of-date software. Having competition is always good for product innovation. Also, mergers sometimes lead to a percentage of employees being laid off.”
Perera is happy about one aspect of consolidation, however: “It gives us more opportunity to replace the company’s solution,” he tells IT Jungle, adding that he is not currently considering offers for the company.
Rich Loeber, the CEO of Kisco Information Systems, sees different aspects to having industry giants move into the security business.
“I think that a small independent developer is positioned to provide better service to customers, so from that perspective, consolidating under large organizations could be detrimental to customers,” he says. “But, this is my only reservation to the move to consolidation.”
The consolidation hasn’t changed how Kisco sells software, he says. “We have continued to market our software in the same way and it continues to yield an acceptable level of sales and maintenance renewals for us,” Loeber says.
Over the years, Loeber has been approached several times, but nothing has come of it. Asked if his company is currently for sale, he responded: “We are not officially on the market, but I would be open to discussing it if approached.”
All the CEOs contacted for this story think it’s important to have a base of independent software vendors. They all stated their number one goal is to continue to meet the needs of customers, which is the lifeblood of any small business.
“I think it strengthens the market and gives customers a lot more choice,” Loeber says. “Behind each of these independent developers is a visionary who is able to think beyond conventional parameters and the software that they develop ends up serving customer needs better.”
“We need the competitive pressure to help keep us focused on doing the best we can for our customers,” Townsend’s Townsend says. “We all recognize that the IBM i market is a legacy market that is no longer growing and this presents a challenge. IBM certainly knows that and has adjusted accordingly. It is this condition of the IBM i market that puts pressure on ISVs.”
Trinity Guard’s Perera agrees. “Innovation needs to keep happening,” he says. “Hackers are not going to stop finding new ways to penetrate servers.”
Zailer says Raz-Lee invests a substantial amount of the company’s resources into development. “The needs are growing daily,” he says. “The more the IBM i opens itself [through open source software] the more threats might arrive to the IBM i.”