This article originally appeared on
SearchSecurity.com.
Symantec Corp. says its latest products and partnerships will
thwart online outlaws who attempt to raid company databases for
sensitive information that can be used for a variety of fraud.
 | | | | | Consumers and enterprises alike
need to feel confident that their information is safe and their
interactions are secure.
John Thompson,
Chairman and CEOSymantec Corp. |
| | | | | |
| |
|
On Tuesday, the Cupertino, Calif.-based antivirus giant unveiled
Security 2.0, its strategy for protecting customers from what it
calls the next generation of threats targeting personal information
and interactions. At a company event in New York, Symantec Chairman
and CEO John Thompson said the concept brings together an ecosystem
of products, services and partnerships to offer that
protection.
"Confidence is the essential component in today's digital
world," he said. "Consumers and enterprises alike need to feel
confident that their information is safe and their interactions are
secure. Otherwise, the digital lifestyle will not be as exciting or
dynamic and we will not realize the full potential that new
technologies bring to the connected world."
A new product included in Security 2.0 is Symantec Database
Security, designed to provide real-time fraud and data leak
detection along with auditing capabilities. It caters to
businesses, government agencies and academic institutions that are
increasingly at risk of data breaches that can damage an
organization's reputation and
expose millions of people to identity fraud.
Symantec executives cited the growing number of data breaches
and the resulting exposure of confidential information as the
motivating factors behind the release of the tool. "It has a
feature that I call extrusion detection, which alerts
administrators when sensitive data is leaving the network," Steve
Trilling, Symantec's vice president of research and advanced
development, said in an interview recently. "And it operates on a
copy of the network traffic, so it doesn't slow anything down."
Trilling said the product builds a profile based on what's
considered "normal" interaction with the database and alerts the
enterprise when it detects abnormal activity that falls outside the
normal profile. It also monitors all information that leaves the
database, alerting administrators when someone tries to upload
sensitive information like Social Security or credit card
numbers.
The product also keeps an audit trail of all activity on the
database server, an important feature since enterprises need
detailed logs to demonstrate compliance to their auditors.
Along with the new products, Symantec announced two
partnerships:
- One is with Pendleton, Ore.-based Accenture, a global
management consulting, technology services and outsourcing company.
The two firms have established Accenture and Symantec Security
Transformation Services, an organization that will build and
implement data security solutions to help companies assess risk in
their IT environments.
- The other is with Mountain View, Calif.-based VeriSign Inc. and
the goal is to jointly combat online fraud and identity theft.
Symantec will offer support for the VeriSign Identity Protection
(VIP) Authentication Service, which allows consumers to use
one-time passwords to protect their online identity. The companies
also plan to jointly market combined identity and security
solutions to financial institutions, online retailers and end
users, according to a prepared statement.