Archer, which has some six million licensed users, is a privately held company; the financial terms of the acquisition were not released. EMC said Archer will remain in Overland Park, Kansas, and operate as a part of EMC's RSA Security Division.
IT organizations are increasingly viewing important parts of their operations from the vantage point of GRC. "Our customers are telling us that their real challenges are in the areas of policy management, audit, and compliance," said Art Coviello, RSA president, in a statement. "The Archer solution not only offers the visibility into risk and compliance that customers need, it brings stronger policy management capabilities to the RSA portfolio. The end result is customers are able to better manage their security programs and prove compliance across both physical and virtual infrastructures."
Archer's SmartSuite Framework delivers out-of-the-box solutions in categories of policy, risk, compliance, enterprise, incident, vendor, threat, business continuity, and audit management. The solution enables users to tailor solutions to their specific requirements in both on-premises and Archer SaaS models.
EMC indicated that Archer will work effectively not only with RSA, but also with EMC's recently acquired Ionix unit as customers work to automate their IT configurations across servers, networks, and storage environments.
"With Archer, we can also make information security a more integrated element of overall IT-GRC efforts," said Coviello. EMC cited a recent Forrester Research report on GRC noting that organizations that coordinate their governance, risk, and compliance processes can reduce audits and streamline compliance reporting.