Symantec had a host of security-related news to share at RSA last week, but that wasn't all. The security solution giant released a fair amount of mobile security news at the Mobile World Congress (MWC) in Barcelona during the same period. Symantec's raft of announcements largely fell into four categories: Cloud security with Symantec O3 Cloud Identity and Access Control; mobile security with a number of mobile-focused apps, services, and updates; enhanced integration with VMware virtualization and cloud products; and a partnership with the Cloud Security Alliance (CSA) that will see Symantec developing training products and services for cloud security training. The week before RSA we spoke with Symantec's Dave Elliott, Director of Global Cloud Marketing, for background on Symantec's announcements.
Symantec O3 Cloud Identity and Access Control
One of the biggest barriers to cloud computing adoption in the
enterprise is handling user identity and access in consistent ways.
Looking at our own internal IT structure at Penton Media, we rely on
several cloud-based services, mainly for reporting expenses, booking
travel, and performing many other necessary (but unglamorous) business
tasks. Each of these services requires a separate username and
password, which makes it difficult to apply consistent security
policies across on-premise and off-premise IT resources.
"Security is consistently identified by enterprises as the top inhibitor to the adoption of cloud computing," says Gartner VP Neil MacDonald. "Since we don’t own or control the infrastructure that cloud-based services are delivered from, there is an increasing need to inject security policy such as identity mapping, encryption and access control between users and the cloud-based services they are consuming."
Like several other providers, Symantec now is taking a crack at solving that problem with the unveiling of Symantec O3 Cloud Identity and Access Control. According to Symantec's Elliott, O3 will integrate with an existing on-premise authentication, authorization and password management structures, and extend those policies into the cloud.
"One of the key features of Symantec O3 is that it provides single sign-on for more than 100 external cloud services," Elliott said. "We gained a lot of expertise [in cloud-based security] when we acquired services from Verisign...that team knows how to build hosted web services, and O3 is layered on top of that." Elliott added that O3 will also integrate with Symantec's existing Validation and ID Protection Service (VIP), which allows established VPN credentials to be used in a cloud context.
Symantec Mobile Security Initiatives
Securing mobile devices has been another hot topic for IT
professionals, and Symantec unveiled a host of new mobile security
efforts at MWC. Symantec's new O3 platform will integrate with
Symantec's enterprise mobility platform, and Symantec's new Mobile
Management for Microsoft System Center Configuration Manager promises
to give users of that platform more mobile security controls and
options. Other Symantec mobile security announcements included a new Symantec Mobile Security app for
Android devices and a new data loss prevention (DLP) product for
tablets.
Symantec Integration with VMware Products
Symantec also announced a number of new integration points with
VMware's cloud and virtualization products, including: Symantec Data
Loss Prevention integration with VMware vShield; upcoming VMware
vSphere 5 support for Symantec Critical System Protection; integration between the new
Symantec Security Information Manager (SSIM) and VMware's vShield log collector for improved security insight into
VMware virtual machines; improved alignment with VMware security standards in the Symantec Control Compliance Suite; and Symantec's Managed Security
Service (MSS) will soon add support for VMware vShield log management.
Symantec CSA Training Partnership
The Cloud Security Alliance (CSA) has been advancing the
cause of security in the cloud for several years, and that effort took a step forward
with the news that Symantec and the CSA has partnered to provide some
training resources for IT professionals. In a statement supporting the
announcement, CSA Executive Director Jim Reavis said that the training
will help companies keep their data secure in the more fluid IT
environment of the cloud.
"The Cloud Security Alliance (CSA) believes in the importance of having standards and best practices governing cloud security, and that is why we are pleased to partner with Symantec to deliver training for the Certificate of Cloud Security Knowledge (CCSK) exam," Reavis said. "This partnership will give IT Security Professionals the knowledge and hands-on experience they need to effectively protect their companies' data in the cloud."
Are you a current Symantec customer? I'd love to hear your feedback on these new announcements. Just add a comment to this blog post or contribute to the discussion on Twitter.
- Follow Jeff James on Twitter at @jeffjames3 – Google+ add Jeff to your circles
- Follow Windows IT Pro on Twitter at @windowsitpro