Oracle has agreed to acquire cloud access security broker Palerra, whose LORIC software manages security and compliance for applications, workloads, and sensitive data stored across cloud services, the companies announced Sunday.
Palerra “offers a unique combination of visibility into cloud usage, data security, user behavior analytics and security configurations, with automated incident responses,” wrote Peter Barker, Oracle’s SVP of identity management and security products, in a letter to customers and partners.
“Customers can respond to cloud security incidents in real time, protecting sensitive company data and workloads across all of the leading cloud services,” he pointed out.
The combination of Oracle Identity Cloud Service and Palerra’s solution will “deliver comprehensive protection for users, applications and APIs, data, and infrastructure to secure customer adoption of cloud,” Barker noted.
The Palerra team will join Oracle. Financial terms of the acquisition weren’t disclosed.
Gearing Up for a Big Play
The purchase likely is linked to a new cloud service Oracle reportedly is building. It’s expected that it will be offered alongside the company’s existing product, which is based partially on the technology it acquired with the purchase of cloud OS startup Nimbula in 2013.
“There’s no doubt that Oracle is going to be a major player in the cloud,” said Al Hilwa, a research program director at IDC.
Oracle “has some incredible software assets and a strong engineering culture to bring to the table,” he told the E-Commerce Times. “We’ll have to watch how fast Oracle can crank growth to really get ahead of the competition.”
Palerra “was built to address specific concerns around moving data, workloads and applications to cloud,” observed Seth Lippincott, lead ERP analyst at Nucleus Research. The purchase extends Oracle’s capabilities.
“As Oracle continues to focus on building its cloud portfolio, Palerra will help it in its efforts to transition on-premises enterprises to its subscription cloud services,” he told the E-Commerce Times.
Oracle still faces cloud adoption challenges from concerns around security, Lippincott noted.
Among the security issues the company has encountered within the past year:
- A cybercrime group, possibly of Russian origin, breached hundreds of computer systems at Oracle and compromised a customer support portal for businesses using Oracle’s MICROS point-of-sale credit card payment systems, Krebs on Security reported last month. Micros is among the top three global POS vendors.
- ERPScan, which provides security software for Oracle and SAP, last year found six vulnerabilities that affected some of the most critical business applications in Oracle E-Business Suite, the core platform of its most popular enterprise application. The applications affected were the Value Chain Execution Suite, Value Chain Planning, Advanced Procurement, Supply Chain Management and Project Portfolio Management.
“Integrating an experienced cloud transition security broker into its portfolio of security services can help Oracle overcome the remaining doubts that enterprise customers still have,” Lippincott suggested.
“Cloud Access Security Broker is another one of those categories that has arisen in the ecosystem as businesses race to the cloud,” said Steve Wilson, a principal analyst at Constellation Research.
“Cloud security access is hygiene. It makes sense for Oracle to acquire a leading specialist and fold it into their offering,” he told the E-Commerce Times.
There will be “a lot of CASB consolidation in the next year or two,” Wilson predicted.
Oracle’s acquisition of Palerra “likely couldn’t have been better timed, with a heavy focus on security and continued news on data breaches,” remarked Rob Enderle, principal analyst at the Enderle Group.
The deal “allows Oracle to argue they are more on top of the problem than their competitors in an area which likely scares the crap out of CIOs at the moment,” he told the E-Commerce Times.
However, CASB technology “tends to be very invasive, and requires a very unique set of skills to develop and implement,” Enderle cautioned. “A lot will depend on how well integrated this already is with Oracle’s offerings, and whether they can retain the core talent needed to service, support and advance the offering once it becomes part of Oracle.”