Symantec had a host of security-related news to share at RSA last week, but that wasn't all. The security solution giant released a fair amount of mobile security news at the Mobile World Congress (MWC) in Barcelona during the same period. Symantec's raft of announcements largely fell into four categories: Cloud security with Symantec O3 Cloud Identity and Access Control; mobile security with a number of mobile-focused apps, services, and updates; enhanced integration with VMware virtualization and cloud products; and a partnership with the Cloud Security Alliance (CSA) that will see Symantec developing training products and services for cloud security training. The week before RSA we spoke with Symantec's Dave Elliott, Director of Global Cloud Marketing, for background on Symantec's announcements.
Symantec O3 Cloud Identity and Access Control
One of the biggest barriers to cloud computing adoption in the enterprise is handling user identity and access in consistent ways. Looking at our own internal IT structure at Penton Media, we rely on several cloud-based services, mainly for reporting expenses, booking travel, and performing many other necessary (but unglamorous) business tasks. Each of these services requires a separate username and password, which makes it difficult to apply consistent security policies across on-premise and off-premise IT resources.
"Security is consistently identified by enterprises as the top inhibitor to the adoption of cloud computing," says Gartner VP Neil MacDonald. "Since we don’t own or control the infrastructure that cloud-based services are delivered from, there is an increasing need to inject security policy such as identity mapping, encryption and access control between users and the cloud-based services they are consuming."
Like several other providers, Symantec now is taking a crack at solving that problem with the unveiling of Symantec O3 Cloud Identity and Access Control. According to Symantec's Elliott, O3 will integrate with an existing on-premise authentication, authorization and password management structures, and extend those policies into the cloud.
"One of the key features of Symantec O3 is that it provides single sign-on for more than 100 external cloud services," Elliott said. "We gained a lot of expertise [in cloud-based security] when we acquired services from Verisign...that team knows how to build hosted web services, and O3 is layered on top of that." Elliott added that O3 will also integrate with Symantec's existing Validation and ID Protection Service (VIP), which allows established VPN credentials to be used in a cloud context.
Symantec Mobile Security Initiatives
Securing mobile devices has been another hot topic for IT professionals, and Symantec unveiled a host of new mobile security efforts at MWC. Symantec's new O3 platform will integrate with Symantec's enterprise mobility platform, and Symantec's new Mobile Management for Microsoft System Center Configuration Manager promises to give users of that platform more mobile security controls and options. Other Symantec mobile security announcements included a new Symantec Mobile Security app for Android devices and a new data loss prevention (DLP) product for tablets.
Symantec Integration with VMware Products
Symantec also announced a number of new integration points with VMware's cloud and virtualization products, including: Symantec Data Loss Prevention integration with VMware vShield; upcoming VMware vSphere 5 support for Symantec Critical System Protection; integration between the new Symantec Security Information Manager (SSIM) and VMware's vShield log collector for improved security insight into VMware virtual machines; improved alignment with VMware security standards in the Symantec Control Compliance Suite; and Symantec's Managed Security Service (MSS) will soon add support for VMware vShield log management.
Symantec CSA Training Partnership
The Cloud Security Alliance (CSA) has been advancing the cause of security in the cloud for several years, and that effort took a step forward with the news that Symantec and the CSA has partnered to provide some training resources for IT professionals. In a statement supporting the announcement, CSA Executive Director Jim Reavis said that the training will help companies keep their data secure in the more fluid IT environment of the cloud.
"The Cloud Security Alliance (CSA) believes in the importance of having standards and best practices governing cloud security, and that is why we are pleased to partner with Symantec to deliver training for the Certificate of Cloud Security Knowledge (CCSK) exam," Reavis said. "This partnership will give IT Security Professionals the knowledge and hands-on experience they need to effectively protect their companies' data in the cloud."
Are you a current Symantec customer? I'd love to hear your feedback on these new announcements. Just add a comment to this blog post or contribute to the discussion on Twitter.