Symantec promises customers protection it can't provide for itself

Company is spreading its 'safe cloud' vision and technology while investigating a hack attack it suffered today

Symantec laid out at RSA today its grandiose, long-term vision as a one-stop provider cloud security -- while doing damage control after allegedly suffering a significant data breach at the hands of hacker group HTP (Hack the Planet), which exposed on PasteBin hundreds of users names, email addresses, and hashed passwords.

The purported breach, which Symantec is investigating, was one of many revealed today as groups like HTP and Anonymous reportedly laid siege to high-profile companies such as PayPal and ImageShack. The attacks, which coincide with Guy Fawkes Day, serve as another reminder of the growing threats of the increasingly porous cloud-based world.

It's no surprise that Symantec is seeking to take advantage of organizations' very real fears about diving into the cloud. The fact that the company has suffered other significant attacks from prominent hacker groups may give pause to would-be customers interested in enlisting Symantec's aid until it can prove it can provide the level of security it promises.

Nevertheless, the security company touted a vision in which cloud-based applications and services will continue to proliferate in step with increasing troves of data and where clouds will become increasingly complex as companies shift from public and private environments to a hybrid model. Those clouds will be safe, per Symantec's vision, to the point that companies will be able to put sensitive information in the cloud with confidence, thanks to increased security, data control, and availability. Naturally, Symantec asserts it will be a key player in achieving this safe-cloud vision, where data flows among securely disparate cloud environments, servers, networks, data troves, PCs, laptops, and mobile devices.

Among the core components to Symantec's vision is Symantec 03, which the company describes as a security control point for the cloud. Formally released in February, Symantec 03 is a "cloud information protection platform," according to the company, providing identity and access controls, information security features, and information management capabilities. Among its features is an access control layer that provides single sign-on and identity brokering. Symantec 03 is designed to tap into an organization's existing identity infrastructure and supports context-based authorization, password management, and federation services.

New to Symantec 03 is a Cloud Identity and Access Control feature that, according to the company, provides businesses with a single, secure access point to a variety of cloud and Web applications and services.

Symantec also announced a Symantec File Share Encryption, which the company said ensures that files saved to Dropbox remain safe while still accessible across mobile devices. The tool, which uses Symantec Encryption Management Server (formerly PGP Universal Server), supplements Dropbox's native encryption, allowing organizations to use their existing directory scheme to limit access to confidential data via policies. It also ensures that individuals who have left an organization can't open open sensitive, encrypted Dropbox files, according to the company, and it's designed to protect confidential data from potential cloud breaches and to limit access to confidential data.

Symantec has announced a File Share Encryption tailored for iOS, due out next year, which will include a file viewer app for the iOS devices.

Also on the mobile front, the company announced Symantec Mobile Encryption for iOS and Symantec PGP Viewer for Android. Available early next year, these offerings aim to solve the problem of protecting confidential email data on mobile devices. The iOS version gives users the ability to compose encrypted email, according to Symantec. Recipients of encrypted email who also have Symantec Mobile Encryption for iOS will be able to access encrypted messages with a click. Otherwise, they can click a URL to retrieve encrypted email messages from a secure server.

Additionally, Symantec announced Version 7.0 of its Protection Engine for Cloud Services 7.0, a client/server application that allows customers to incorporate malware- and threat-detection technologies into "almost any application," according to the company. The offering intends to protect application from threats caused by SMTP emails, mobile phone emails, Web access, Internet downloads, and files on cloud storage sites.

This story, "Symantec promises customers protection it can't provide for itself," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Join the discussion
Be the first to comment on this article. Our Commenting Policies