Computer Associates has bought the ID-finding technology for mainframes it uses in its eTrust Cleanup product to gain greater control over it.

The software from InfoSec automatically finds and removes obsolete IDs and user access rights. Terms of the purchase agreement were not disclosed, but CA has been reselling the technology for the past two years, the company said.

Mainframe systems running the software can check information such as the "last used" date for the login, or correlate the user ID with other sources of user information to determine whether it is obsolete, according to Ron Moritz, CA's chief security strategist.

The eTrust Cleanup product currently works alongside CA user provisioning and management tools like CA-ACF2 and Top Secret. CA bought the technology to gain more control over it and more flexibility integrating it with other CA products, Moritz said.

Proliferating user IDs are a huge security problem for companies and increase the risk of hacking and virus attacks. However, finding and removing unused IDs or access privileges after an employee leaves a company or changes roles is difficult and time consuming. The forgotten IDs are frequently flagged in security audits of a company's mainframe systems, Moritz said.

CA plans to integrate eTrust Cleanup more tightly into its identity and access management products to help companies comply with new data privacy and integrity regulations such as the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act, CA said.

Identity and access management has been a top CA priority in recent months. In October, the company announced that it was buying Netegrity, an identity management software company, for $430 million.

Earlier this month, it announced plans for a series of software releases to help customers manage diverse user identity and authorisation schemes. CA said it wants to offer technology products that allow users to simplify authorisation and auditing as users move from Web portals to back-end resources like mainframe computers and database applications.