Symantec Says The Worm And Virus Problem Is Solved. Here's What's Next

Symantec announced Tuesday some of the specific products, services, and strategy behind its "Security 2.0" initiative it's been hinting about the past several weeks.

Symantec chairman and CEO John Thompson started off by declaring that the problem of "worms and viruses is solved." The more relevant threats today are phishing and fraud as well as organized crime's interest in stealing and reselling personal information, and its Security 2.0 products are aimed at those. The new offerings include a Norton Confidential Online Edition that promises more secure online transactions, an identity-protection partnership with VeriSign, a security services partnership with Accenture, and new Symantec products for improving database and e-mail security.

Norton Confidential Online Edition, which won't be available until next year, is based in part on Symantec's Norton Confidential product, which the company acquired along with Whole Security last year. It promises to help banks protect their online customers from phishing, pharming, and other scams targeted at stealing personal information and money. It will do this by authenticating a bank's site each time a customer logs in so that the customers know they're on a legitimate site. The software will also block keylogging, screen capture, and password-stealing programs.

Symantec also plans to provide its Norton customers with access to VeriSign Identity Protection Authentication Service, which lets end users use one-time passwords when conducting online transactions. Symantec's relationship with Accenture will expand Symantec's 1,000-person services operation around mitigating compliance risks, managing security operations, and building more secure applications.

Symantec Database Security monitors data flowing to and from databases and, depending upon a company's security policies, alerts administrators whenever it detects data containing intellectual property or sensitive information being sent out of the database. "It acts as a security camera rather than a security guard," says Jeremy Burton, group president of Symantec's security and data management group, who adds that future versions of Database Security will allow administrators to automatically block such data from being distributed.

The company also expanded its movement into the e-mail security market with the announcement of its Mail Security 8300 Series appliance, set to ship in November. The 8300 Series will be available as part of the Secure Exchange products and services that Symantec offers with Dell. This includes Dell PowerEdge servers and PowerVault storage, Dell-EMC storage, Symantec Mail Security for Microsoft Exchange, Symantec Enterprise Vault, and Backup Exec. Secure Exchange can be used not only to report on suspicious e-mail but to block that e-mail as well.

Customers at Tuesday's event agreed the worm and virus problem is largely under control, and that Symantec needs to push into new areas of security. "IM is becoming the new threat vector," says Seth Shestack, acting chief information security officer for Temple University. "Telling students they can't have access to IM is like telling a bank they can't use money."

The availability of antivirus software and network security appliances over the past couple of years has "pushed those problems into the background," agrees David Jordan, chief information security officer for Arlington, Va.'s, department of technology services.