Symantec unveiled some of its plans for the encryption technology it acquired by buying PGP and GuardianEdge, as well as how the VeriSign acquisition could fit in.
Not long ago, Symantec was going the OEM route for encryption. That
all changed in June when the company announced it had closed on
the PGP and GuardianEdge acquisitions.
This past week, Symantec detailed more of its plans for the technologies
unveiling a strategy that stretches from whole-disk encryption to
protecting data copied to removable devices. The key word for
Symantec is integration--bringing encryption to bear in
conjunction with authentication and DLP (data loss prevention)
technologies from other acquisitions.
the reason for the acquisitions, was really to complete the product
set," explained Tim Matthews, director of product marketing at
Symantec. "[The company is] well known for antivirus, anti-malware
[and] security in general...it only made sense to buy encryption
technologies to protect the information itself."
In the months since the combined $370 million acquisitions of PGP
and GuardianEdge, Symantec has been working to address overlap between
the two new assets and integrate them into the Symantec portfolio.
Those efforts manifested themselves in Symantec's announcement of four
products this week, all of which are slated for release in the winter
One is a new version of PGP Whole Disk Encryption, in which Symantec
has added support for Intel AES-NI technology. Symantec also integrated
the product with Intel's Anti-Theft Technology, which allows
organizations to render stolen or decommissioned PCs unusable. Also in
the area of whole-disk encryption, Symantec is adding support for Mac
OS X to its Endpoint Encryption Device Control product.
Beyond that, the company also announced plans for Endpoint
Encryption Device Control, a rebranding of GuardianEdge's technology.
With Endpoint Encryption Device Control, organizations will be able
to manage the use of portable storage devices and media drives.
The product is slated to feature a number of capabilities,
including the ability to control access to ports and monitor
device use and file transfer activity.
Last but not least is Symantec Endpoint Encryption Removable Storage
Edition, which the company said will enable content-aware control over
information users want to copy to removable devices.
Scott Crawford, research director of Enterprise Management
Associates, said Symantec's acquisitions of PGP and GuardianEdge
suggests the priority going forward is not only controlling information
but the systems where information is found.
"The announcement of [a] capability that supports more advanced
anti-theft functionality and device control are early indicators of
this," he said. "Looking ahead, it is possible to see a larger role to
be played in concert with, for example, DLP as an engine for automating
the application of encryption or device control policy, and the
extension of management for these capabilities to hosted offerings
following the release of Symantec's hosted endpoint security
offering...Symantec is clearly out to extend its lead in endpoint
security management in a market where moves such as Intel's acquisition of McAfee
new challenges for the company, and to make sure its stake in endpoint
security remains part of its strategic priorities going forward."
There also are plans for deeper integration with another major Symantec acquisition
the future as well, Matthews said. For example, PGP encryption
products can work together with user authentication to provide stronger
"In the future, Symantec is considering taking this a step further
by using VeriSign authentication-one-time password or client
certificate-to allow strong authentication for administrators or users
to log into their encryption application, such as an e-mail account, or
management console, such as PGP Universal Server," he said.
"If you look at the most commonly deployed technologies after a data
breach...they are encryption, DLP and authentication, and now Symantec
has all three of those," he added. "So [what] we see here already is
integration between encryption and DLP, [and] you can look for more
integration with the VeriSign technologies down the road as well to
offer strong authentication to work with the encryption."