Viruses and worms are being placed on the backburner as IT security vendor Symantec Corp. shifts its focus from device security to protecting information and online interactions with the launch of a new strategy dubbed Security 2.0.
At the launch of Security 2.0 in New York City early this week, Symantec chairman and CEO John Thompson unveiled his company’s new vision of introducing software and services aimed at regaining user confidence in online interactions.
He said IT security, in today’s connected environment, is less about locking down the physical network perimeter, and more about protecting digital collaboration and transactions.
The problem of worms and viruses is largely solved and is now deemed as “victories from the last battle,” said Thompson. “After all, it’s been some time since a fast-moving virus or worm really threatened the connected world.”
IT security executives attending the event agreed with Thompson’s observation that viruses and worms are now problems of the past.
The government of Arlington in Virginia significantly reduced the number of spam and virus attacks coming into its network by deploying anti-spam and antivirus appliances, said Arlington’s chief information security officer (CISO) Dave Jordan.
“Now rather than seeing thousands of viruses a week, [we are seeing] three digits or less than a hundred; [we have] really put that problem into the background,” said Jordan.
At Temple University in Philadelphia the number of viruses the IT guys are dealing with has also “tremendously decreased,” according to the university’s CISO Seth Shestack. He said new threats, especially in the university, are increasingly in the area of instant messaging.
Protecting information exchanged through enterprise online collaboration and business interaction in the digital realm will be the focus of the next breed of Symantec products and services, according to Thompson.
“When enterprises are confident, they collaborate more online with their partners and employees all over the world,” Symantec’s chief executive said.
The first batch of new Symantec products and services based on Security 2.0 includes software for database security, as well as tools for protecting unstructured data from e-mail, instant messaging and file servers, according to Jeremy Burton, group president for Symantec’s enterprise security and data management.
Symantec Database Security provides real-time fraud and data leakage detection and auditing capabilities. The tool, said Burton, allows the IT administrator to keep a SQL (structured query language) database audit trail for compliance requirements. This includes the ability to monitor information that leaves the database and alert administrators when sensitive information is accessed.
Later this year, Symantec will launch its Mail Security 8300 Series, which provides integrated e-mail content filtering that controls inbound and outbound e-mail traffic. It enables the administrator, for example, to stop an outgoing e-mail if the message contains confidential information, explained Burton.
Mail Security 8300 integrates with Symantec’s Web Security tools so that a data thief is also prevented from sending out confidential information using a Web-based e-mail account, said Burton.
Other Symantec security tools are also in the pipeline such as an upcoming archiving tool, which categorizes and indexes data from e-mail, instant messaging and file servers, and Symantec’s Discovery Accelerator, an analysis tool that lets administrators mine archived messages for legal discovery or evidence gathering, said Burton.
The archiving tool and Discovery Accelerator are expected to be available in early 2007. At the Security 2.0 event, Symantec demoed how these security tools can be integrated and centrally managed, a feat that would have many IT managers smiling from ear to ear, according to one Canadian analyst.
The current state of IT security management is similar to the “nightmare” that enterprise network management faced in the 70s and the 80s, before network management tools like Tivoli and OpenView were introduced, said James Quin, senior research analyst at London, Ont.-based Info-Tech Research.
“These (network management) tools were introduced to give that single pane of glass view to network management and it simplifies things; we haven’t [reached that] yet with IT security,” said Quin.
One expected benefit of a centralized security management console is unburdening end users, who are typically expected to be responsible for the security of their desktop, explained Quin. Users, for instance, have had to make the decision of whether to open an attachment or not.
“By having a centralized infrastructure, the decisions are made at one central point,” said Quin. “You enable organizations to utilize the expertise of their security staff and take a weight of responsibility off the end users.” He added such a strategy would accomplish two things: improve enterprise security, and allow end users to do their jobs and get more productivity out of them.
Symantec also announced a partnership with New York-based Accenture – a management and technology outsourcing company – to establish Security Transformation Services, a global organization that will pool in consultants from both companies to offer security expertise to various organizations.
