Ottawa-spawned Entrust Inc. has partnered with the e-security business practice of PricewaterhouseCoopers to offer its technology and related services worldwide.
The strategic alliance will allow PwC’s beTRUSTed entity to provide Entrust’s Internet security software to both companies’ clients globally.
Under the agreement, Entrust and beTRUSTed will assign dedicated global sales professionals and product and marketing teams to work in tandem from beTRUSTed’s facilities in the Americas, Europe and Asia/Pacific.
BeTRUSTed will provide security services for customers based on Entrust’s enhanced Internet security products and customers that have already purchased digital identity services from Entrust will be transitioned to beTRUSTed in the first quarter of 2002.
Now headquartered in Dallas, Entrust was spun out of Nortel Networks in 1997 and retains most of its operations in Canada’s capital. Founded as a Nortel business unit in 1994, Entrust pioneered public-key infrastructure technology, a platform it has used to develop its Internet security solutions, and create a broad set of capabilities, including identification, entitlements, verification, privacy and security management. Entrust’s customers include NASA, Merrill Lynch and the Government of Canada.
Ian Curry, vice-president of product management, said some customers do take it upon themselves to implement Entrust security solutions because they don’t want to open their business to a third party. But others either don’t have the resources or don’t want to devote resources to something that’s not their core competency and look to outsource their security requirements. “It’s a very a binary reaction,” he said.
As the security market has become more mature, said Curry, there are more customers that want to outsource.
Curry said it’s difficult to find appropriate partners, but not because the technology is complex. “It’s because of the complexity of society.
“What PwC is going to be running for our customers is some very important software that is really going to be providing the foundation of their security, so the important thing is that the customer trusts them — from a human perspective and from a competence perspective,” he said. “You can’t find a better name than PwC to fit both of those dimensions.”
Not only will PwC be servicing Entrust’s customers, said Curry, but it will also provide a channel to gain new customers. “They are very early in the loop with customers and their new directions,” he said. “They tell the customer what direction to take in that loop.”
Curry said customers are looking for security solutions that are very secure, easy to use and operate at a low cost. “That’s been the real nut to crack, and that’s what Entrust does.”
Security still needs to be integrated into business applications, and that’s where PwC comes in.
John Garvey, COO of PwC’s beTRUSTed group, said Web enablement of existing applications is a strong driver for organizations to look for comprehensive security solutions, and companies often want to address security very early into their broader consultations with PwC on other business issues.
“A lot of our clients are using digital Entrust identities to create e-signature paperless applications for example,” he said. “Some of them are building from scratch, some of them are taking existing applications and e-signature enabling them.”
Because Web enablement means exposing applications and IT infrastructures to partners and customers, security has become an issue affecting the whole business.
“The whole area of security — particularly identity management — is becoming a board level issue that our clients are discussing with us,” said Garvey.
Dan McLean, research analyst with IDC Canada in Toronto, agreed. “I think it should be a board room issue,” said McLean. “It should be administered by IS departments but making the actual decisions around how much and to what degree is really a business decision. The fundamental problem is that businesses have too often handed over the responsibility of IT security to the IS folks.”
McLean said so many of the implications of poor security have a lot to do with business or the bottom line. “A (security) breach can devalue a company tremendously. You can restore files. The real implication is how your customers and partners feel about you afterwards.”
Getting security solutions provided by an outsourcer is becoming more common, added McLean. “What businesses have done traditionally is look to provide point solutions, typically to address something that has already been a problem,” he said. “What companies are going to need and are going to demand is something that’s more comprehensive and more holistic.”