Fresche Takes On IBM i Security With Trinity Guard Acquisition
March 14, 2022 Timothy Prickett Morgan
There are things that you worry about that you can’t do anything about, and there are things that you worry about that you actually can do something about – and have a fiduciary responsibility to do. Death and taxes are in the former category, and the security of mission-critical IT platforms are in the latter.
Fresche Solutions, which expanded from its core application and database modernization business with the acquisition of Abacus Solutions last October, has been on the hunt to do more deals to help IBM i customers tackle the hard problems they face and give them new ability to innovate and quickly deliver new solutions. And that is why Fresche has acquired Trinity Guard, one of the last major, free-standing security companies in the IBM i market.
Raz-Lee Security, Townsend Security, and Kisco Information Systems are still independents, and we would not be surprised to see Fresche or Precisely snap up these remaining players to build a security portfolio. Precisely, the combination of Vision Solutions and Syncsort, already acquired Enforcive and Cilasoft to start building its security portfolio and HelpSystems, arguably the largest of the IBM i conglomerates, ate PowerTech, Bytware, Safestone Technologies, Halcyon Software, and Skyview Partners to build out its portfolio.
Trinity Guard was founded in 1990 by Pauline Brazil Ayala and Tony Perera, who both helped create the PentaSafe IBM i security products that, after changing hands many times, landed in the Micro Focus conglomerate. Over the years, Trinity Guard has created security, compliance, and intrusion detection software for both IBM i and Linux platforms. IBM i shops tend to believe in “security through obscurity” or have a false notion that the IBM i platform is inherently more secure than other platforms. (As IBM i security guru Carol Woodbury is fond of saying, IBM i is inherently “securable” but not necessarily “secure” if you don’t know what you are doing and if you are not constantly on guard.
The financial details of the acquisition of Trinity Guard by Fresche were not disclosed, but what we can tell you is that Trinity Guard has been heads down for the past few years developing the next generation in IBM i security products – and this is just the start. Building up and building out the Trinity Guard portfolio of products and services is the mandate that chief executive officer Steve Woodard has been given, and there is no doubt in his mind or ours that the need is large and that it is going to take a different approach to turn the fear that IBM i shops have – as well as their complacency – when it comes to security into best practices and budgets. But mark our words: In this modern world of escalating ransomware and malware, where the average ransomware breach costs $4.6 million (presumably the ransom and/or the damage from downtime), there has never been a better time to help people secure their systems or more need to do so.
“If you look at all of the survey data that vendors do in the IBM i market, they say that somewhere between 20 percent and 30 percent of the IBM i base actually have security tools,” Woodard tells The Four Hundred. And then we launched into a conversation about surveys that are self-selecting the active part of the IBM i base and not reaching the IBM i laggards, who tend to be on older hardware and systems software, not have software maintenance, and often run older legacy applications that still work just fine. “Even if you go plus or minus 10 percent on that, security for IBM i is still a $100 million opportunity.”
That sounds about right, but the disconcerting thing is how few IBM i shops have security tools. When we talked to Perera a little more than a year ago, he reckoned that somewhere around 10,000 of the 120,000 IBM i shops in the world had security tools installed. Or call it 30 percent of the 30,000 active IBM i customers in the world and it is still around 10,000 customers. Given the climate out there on the Internet today, each and every other IBM i shop in the world needs security software – or better still, security services run by experts – if they are not going to be exposed to an extinction-level event by bad actors.
“Here is why the acquisition of Trinity Guard is so timely,” continues Woodard. “Now, after the Abacus acquisition, we can go to our customer base and tell them that we can manage their IBM i platforms and then ask them what they are doing in terms of security. And, we’re making the software much more accessible to the market through a flexible subscription model or permanent license model. We’re also putting together a new model with Abacus, our network operations center, to provide security as a service as well as managed services remotely. So all of a sudden, our customers are going to be able tell us to just take all of this scary security stuff and deal with it.”
The good news for both Fresche and the people at Trinity Guard who want their tools to be more widely distributed to protect companies in this hostile environment is that there is very little overlap between the installed bases of the two companies.
“Every time we have acquired a company, we have been really surprised that there isn’t as much overlap as we ever expected,” says Marcel Sarrasin, chief product officer at Fresche. “We used to say that we had been marketing at the various companies for twenty or thirty years, that we know everybody and everybody already knows us. That is not the case, and the overlaps between these companies that are part of Fresche is not what I expected and is lower, in fact.”
The net effect of that is that Woodard believes he can at least double the Trinity Guard base in a year and a half, and that is using a mix of selling the Trinity Guard tools directly as well as selling security as a service through Abacus. We think that Woodard is possibly underpromising so he can overdeliver. And we have done that, too, as any good engineer does. The point is, with the right mix of products and services – and at the right price points – the cumulative knowledge of Trinity Guard and Abacus can be spread across a large number of IBM i customers, many of whom do not have the skills or the time to properly secure those mission critical systems. To put a stake in the ground, we think that Fresche can very likely double the installed base of Trinity Guard tool buyers in a year and sell three times as many customers on subscriptions if the pricing and packaging is right.
Defining what “right” is, in this context, is the tricky part.
This is something that Perera was pondering even before Fresche came knocking on the door. “We kept our pricing simple compared to the competition, and we just price Trinity Guard based on an LPAR license,” Perera explains. “We had been talking about a partnership even before we did the acquisition, and now we have the ability to do a subscription model for a service. One of the biggest issues that the IBM i platform faces, as you well know, is that these companies do not have the people to manage the hardware, the applications, and the security.”
Letting go of the security is probably going to be the easiest, particularly if the team developing the tools is behind the service operating them. The second easiest thing to let go of is managing the hardware. IBM i shops will never let go of managing their applications and databases is our guess, but they will take help here if they get into a skills shortage bind.
We look forward to seeing what Fresche does in the security realm and how it expands out its portfolio of products and services. We have a feeling that this is only the beginning.