Time to hug a PGP employee?

| 1 Comment | No TrackBacks
| More

Very rarely do I ever get to witness the effects of a corporate takeover first hand but the acquisition of PGP by Symantec, announced lunchtime on the last day of InfoSec 2010 was to be different.

I had been through the usual InfoSec battering of interviews, key notes and random discussions which are the hallmark of this important annual event. My antenna was starting to pick up some odd behaviour chez PGP. Stranded executives unable to attend "because of the ash" (because of the cash?) coupled with a rather bizarre discussion with another very pre-occupied executive on the Thursday morning who insisted they "only had time for a 10 minute chat" and hid their laptop from view in the public display area.

Clearly something was not right.

I was sitting on the Symantec stand an hour or so later having a chat with a senior product person when I was told the news. What was to be a pleasant discussion about Symantec turned into a bit of a navel gazing exercise as we all ruminated about the ramifications of the deal.

Symantec has had an encryption sized hole in their offering that had been papered over but never properly filled. Unlike McAfee, who realised the importance of encryption and went after Safeboot in late 2007, Symantec never really took the plunge until this week. The OEM relationship that Symantec had with GuardianEdge provided them with some data protection experience which has now been confirmed with the purchase of that company for a seemingly cheap £70M. Certainly in the past I had heard good things about GuardianEdge but have been rather disappointed in their performance over the past couple of years as they seemed to retrench back to the US, neglecting EMEA. Maybe it was a BOGOF - Buy One Get One Free - and Symantec thought they may as well pay a bit more and get GuardianEdge as well.

PGP have been upping their game recently, as was demonstrated by the TrustCenter acquisition, taking them further into the security infrastructure world. The strategy appeared to resonate well and gave me cause to think that PGP had finally gotten their strategic act together and were set on a very interesting path. Clearly Symantec thought the same hence the $300M deal.

Symantec now have to turn this acquisition into something useful, and something that will prove the market wrong, many of whom consider them to be synonymous with irritating bloatwear. PGP is good, well proven technology that carries a strong brand and should not be sucked into the "borg" never to be seen again.

As for the PGP people I saw on Thursday afternoon at InfoSec. Clearly they were too junior to be counting their stock options and were actively considering their futures. I for one felt an urge to give them all a hug and tell them it will all come right in the end, my only hope is that I am right.

Nigel Stanley
Practice Leader - Security
Bloor Research

No TrackBacks

TrackBack URL: http://www.computerweekly.com/cgi-bin/mt-tb.cgi/34641

1 Comment

I am saddened greatly by the news of PGP's takeover. Symantec has improved it's AV services considerably in recent years (better detection rates and removal) however this is not to say I trust them at properly implementing there interpretation of what PGP encryption should be like. I think many people who used this application in the past undoubtedly will be p*ssed off and apprehensive of using Symantec's version and depressed about the future of this an open source app that was once useful to many even if I rarely used it myself. Many relied on this for their protection and privacy. Well, good luck with all of that now. Makes me think of HijackThis being bought out by TrendMicro. The money offered was way to enticing to ignore I suppose but that doesn't make it anymore appealing to the end-users who will need to deal with the possible repercussions. I only hope they [Symantec] do the right thing by keeping it free and open source so users and devs can decide if it's still safe and worth of their use.
Thanks for the article Nigel.

Leave a comment

About this Entry

This page contains a single entry by Fran Howarth published on October 31, 2011 3:45 PM.

Best practices for email archiving was the previous entry in this blog.

Find recent content on the main index or look in the archives to find all content.

-- Advertisement --