BitArmor Buy Will Strengthen Trustwave's PCI Services

Archived Published: 18 January 2010 ID: G00173961

Analyst(s): |

  Free preview of Gartner research


Trustwave customers will benefit from its purchase of data encryption provider BitArmor, but the deal will have a limited effect on the mobile data protection market, which established vendors will continue to dominate.

News Analysis


On 12 January 2010, Trustwave, a provider of payment card industry (PCI) compliance management solutions and services, acquired BitArmor. BitArmor's DataControl provides encryption for files, full drives, removable media and e-mail attachments. The foundation of BitArmor's intellectual property is a technology called "Smart Tags" which contain encryption and protection policies that stay with data as it travels from device to device. The terms of the deal are confidential.


This deal continues Trustwave's strategy of acquiring complementary technologies to enhance its PCI-oriented managed services. Trustwave, which provides PCI security assessments to midsize merchants and offers managed services to meet PCI requirements, acquired data loss prevention vendor Vericept in September 2009 and sees the acquisition of BitArmor as the next logical extension.

The acquisition forms part of Trustwave’s plan to start penetrating the endpoint protection platform (EPP) and mobile data protection (MDP) markets, but will have little impact on either market for several reasons. Trustwave’s market strength concentrates on services for midsize and smaller merchants focused on complying with PCI mandates, and BitArmor's presence in the MDP market was limited in terms of client numbers. BitArmor provides data control software that secures, tracks and controls sensitive data by attaching tags to the data to facilitate policy management decisions on laptops, removable media, servers and e-mail attachments. The tagged data approach provides a granular control to data protection, because every file can directly assert its access policy, but will often be more than PCI mandates require.

Although this acquisition should bring financial stability to BitArmor's operations and increase its sales through Trustwave's direct sales force and strong channels, Gartner believes that the deal will have less impact on the encryption market than previous acquisitions, such as McAfee acquiring Safeboot. Previous Trustwave acquisitions have validated our opinion that Trustwave's core business is in PCI-related services, not in being an enterprise software product vendor.


  • Merchants looking for a managed encryption solution to meet PCI requirements: Evaluate Trustwave, but still be wary of using the same firm for qualified security assessor (QSA) and remediation services.

  • BitArmor customers that do not fit the profile for Trustwave's PCI services: Evaluate Trustwave's product road map against your incumbent encryption vendors that are focused on user workstations in Gartner's "Magic Quadrant for Mobile Data Protection" .

Recommended Reading

(You may need to sign in or be a Gartner client to access the documents referenced in this First Take.)

© 2010 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more

Call +1 855-515-4486 or contact us

to become a Gartner client.