Asia's Source for Enterprise Network Knowledge

Thursday, October 23rd, 2014

Information security management

Symantec encryption buyouts raise open source, overlap questions

Symantec's announced acquisitions Thursday of data encryption specialists PGP Corp. and GuardianEdge Technologies have industry watchers wondering which products will stay and go, and how open source PGP will fare in the wake of the buyouts.
 
Symantec has had analysts puzzling for years about why the company has only licensed rather than bought into encryption technology, but made a bold statement today with the $370 million worth of planned acquisitions in a bid to address customer needs related to regulatory requirements and growing mobile device usage.
 
The acquisition of both companies, however, raises questions about which products and brands will survive. Symantec simply says at this point it will support products from both vendors into the future.
 
"There's definitely overlap with PGP on the desktop," points out Gartner analyst John Pescatore. "Our bet is GuardianEdge survives in the long run."
 
He notes Symantec has cultivated a very close relationship with GuardianEdge, a favorite of the financial and government sectors, through OEM relationships and has integrated its technology into the Symantec Altiris management framework.
 
One strength of PGP is its server-side encryption and security offerings, which compete with products from vendors such as nuBridges, Voltage, Vormetrics and RSA with its BSafe toolkit. Demand is growing for server-side encryption because of the Payment Card Industry data security requirements, Pescatore says.
 
Symantec says PGP counts 100,000 enterprise customers with more than 1,000 employees, and 1 million small-to-midsized customers with fewer than 1,000 employees.
 
For its part, Symantec says it sees PGP and its public-key encryption technology as its ticket to innovations making use of key management.
 
Symantec is a market leader in the data loss prevention (DLP) product arena, and "for complete use of DLP, encryption is an important part," Symantec CEO Enrique Salem told financial-industry analysts earlier this morning on a conference call to announce the acquisitions.
 
The PGP platform for key-management will contribute to Symantec's focus on creating a "policy-based approach" in security, Salem said. In addition, a start-up acquired by PGP, called ChosenSecurity, offers another path into identity management related to establishing trust among users and sites, he noted.
 
"We will standardize on the PGP key-management platform," says Francis deSouza, senior vice president, Enterprise Strategy group, Symantec.
 
PGP's key-management technology is expected to be used as a way to manage keys for GuardianEdge, as well, deSouza says. Symantec intends to support both the PGP and GuardianEdge product lines, though the reality is there is product overlap. The PGP key-management technology is also expected to play a big role in many Symantec endeavors in cloud computing and storage.