In an effort to help large enterprises use their endpoint security tools to their fullest capacity, Cupertino, Calif.-based Symantec Corp. is offering a set of services to help deploy, manage and monitor these technologies.
Through the Symantec Managed Endpoint Protection Services, businesses are assisted with deploying Symantec endpoint tools with help understanding their security policy, mapping that security policy to the tools’ configuration, rolling them out and even migrating from a previous non-Symantec technology.
The management and 24/7 monitoring aspect of the service offerings apply to endpoint environments in general, regardless of whether it’s a Symantec tool, and conducted from Symantec’s security operations centres where signs of security attacks are escalated to the customer at a service-level agreement of 10 minutes, said Geyer. Customers can view incident alerts via an online portal, which retains event logs for 92 days for PCI compliance and potential forensic reasons.
Actually, customers had expressed a desire for help optimizing and monitoring their environments, he noted.
The offering is driven by the fact that IT resources for managing endpoint security tools have slimmed down as a result of the economic downturn, said Grant Geyer, vice-president of managed services at Symantec.
One product among Symantec’s endpoint security offerings, Symantec Endpoint Protection, is much more than just an antivirus tool, with capabilities like antispyware, firewall technology, access control and intrusion prevention, said Geyer. “There is a significant amount of functionality in the toolset on top of basic antivirus that organizations, if they are understaffed, can use help in configuring to their policy,” he said.
A business in the financial services sector may not want its traders to be able to connect USB devices to extract data, or install applications for fear of malware, said Geyer. The endpoint tools can also define that only certain trading applications can be installed or restrictions be placed on thumb drives. “All of that functionality is over and above the basic malware protection,” he said.
“It’s about getting the most out the products.”
But a lack of IT resources is not the only driving factor behind the offering. The “staggering” growth in malware — an increase to 1.65 million unique pieces of malware in 2008 from 624,000 in 2007 — has dramatically altered the threat landscape for organizations, said Geyer.
In fact, he said, 90 per cent of malware in 2008 had a direct goal of stealing confidential data from users for financial gain. “There’s real loss on the table here for organizations,” said Geyer.
Symantec’s 2009 Managed Security in the Enterprise report, based on a study of 1,000 security managers and practitioners, confirmed to Symantec that the threat landscape had worsened, said Geyer. Among the findings, 31 per cent reported lost personal identifiable information, and one in five reported lost customer credit card information.
With the increase in malware coupled with limited IT resources, said Geyer, “it seems that organizations are caught between a rock and hard place.”
According to Candice Low, research analyst with London, Ont.-based Info-Tech Research Group Ltd., the decision to make an extra investment in services atop the purchase of endpoint protection tools is really a function of cost versus in-house resources and skills, and will depend on the individual IT department.
“For a large IT department that may have the resources and skills available in-house, outsourcing becomes a matter of cost, whether is it cheaper to perform these services in house or to outsource them,” said Low.
Symantec has been actively increasing its service offerings, most recently adding content protection services to its repertoire with the acquisition of U.K.-based security vendor MessageLabs Ltd. in late 2008, said Low. Symantec’s Managed Endpoint Protection Services, she said, will only serve to enhance its service offerings and allow it to move into a new part of the security market.
“It will encourage Symantec’s customers that may previously have been seeking a MSSP (managed security services provider) to stay with the company, thus increasing customer retention, and will help attract new business,” said Low.