Novell has quietly bolstered its ID governance portfolio after acquiring the technology assets of a tiny British company and signing a 'perpetual' licensing deal with California-based ActivIdentity.

Novell acquired the technology assets of Somerset, UK-based Fortefi, a provider of compliance and ‘privileged user management solutions'. Essentially, Novell is getting two Fortefi products, namely Command Control and Compliance Auditor.

The cash acquisition, for an undisclosed sum, will give Novell increased corporate governance capabilities over security policies, as well as providing an access management system to help IT managers maintain the appropriate level of access privileges for end-users.

This is similar to what Texas-based SailPoint already offers. Its technology is also designed to help organisations better manage user privileges, by helping them implement strong and consistent controls over user access to business critical applications and data - identity governance in other words.

Fortefi has been in operation for approximately five years. "Effectively, it is an acquisition of the company because Novell is acquiring all the products that Fortefi produces," said Fortefi's former CEO, Jim Taylor. "The deal is more in the area of software for control and compliance on Unix and Linux machines," he said.

"We had several options available to us, but we felt that the Novell deal was of mutual benefit to both parties, as the technology was a good fit," he told Techworld.

"We liked what Novell is doing in the management and security space, and it has a similar culture to ours, with the same goals. Fortefi was a project of passion that we put a lot of work into, so we were also looking for the right place to put the company," he said.

Taylor said the majority of staff, himself included, would be moving to Novell.

Compliance has previously been a major issue for the financial services sector due to Sarbanes-Oxley, but is now becoming an increasingly important issue for enterprise businesses because of EuroSOX and other regulations.

Indeed, European businesses were warned last year by Fujitsu Siemens Computers that compliance is about to become as much of an issue for them, as it already is for their US counterparts. This is because regulations are increasingly demanding that organisations can maintain valid audit trails of user activity, data access and system transactions.

Novell said it will use the Fortefi assets in its Novell Privileged User Manager, which will be due sometime in the second quarter.

The Novell Privileged User Manager will then become part of Novell's Compliance Management solutions, which aims to automatically enforce security and access-related policies, making it easier for organisations to prove compliance and ensure trusted access.

Besides the acquisition, Novell also said that it has acquired a perpetual source code licence to ActivIdentity's single sign-on solution, SecureLogin. This had been previously available to customers via an OEM agreement as Novell SecureLogin since 2001.

Enterprise Single Sign-on (ESSO) enables a user to access all permitted computers and systems without the need to enter multiple passwords. Novell says ESSO reduces human error and helpdesk requests, "but is difficult to implement because most applications and systems support different password mechanisms."