Enterprise Strategy Group | Getting to the bigger truth.TM

Symantec Moving to Define an Encryption Architecture
Jon Oltsik   |   Thursday April 29, 2010  |  0 comments | Filed under: Uncategorized

Today, Symantec announced that it is acquiring two encryption companies: GuardianEdge and PGP. Some will see this as a late counter-punch to Check Point‘s acquisition of PointSec, McAfee‘s acquisition of SafeBoot, and Sophos‘s acquisition of Utimaco. In other words, Symantec is finally getting in the full-disk encryption game, primarily on laptops.

Wrong interpretation. Symantec does get endpoint encryption technology, but there is a lot more here than meets the eye. In my humble opinion, Symantec also gets:

  1. A killer install base. Between the two companies, Symantec gets a foothold in the enterprise and midmarket across the globe. Symantec also bolsters its federal government business, where encryption is a very big deal.
  2. Encryption beyond PCs. Check Point, McAfee, and Sophos bought good companies, but the focus in all cases is on endpoints–PCs, mobile devices, USB keys, etc. Symantec gets this, but also gains encryption technology for file systems, e-mail, mainframes, etc. This gives Symantec a leg up.
  3. A leading key management platform. A wise man once said, “encryption is easy, key management is hard.” PGP recognized this and built a great key management platform to manage encryption keys for mobile devices, PCs, e-mail, mainframes, etc. Symantec also gets a seat at the KMIP and IEEE encryption standards table.
  4. An encryption and key management play. In discussing these deals, I haven’t seen anyone mention the added value Symantec gets from PGP’s recent acquisitions of TC Trust Center and Chosen Security. Symantec gets a root CA capable of offering PKI as a service. This gives a tremendous opportunity. Symantec can become an identity broker in the cloud for enterprise authentication, B2B trust, consumer identity protection, etc. Imagine what Symantec can do if it ships every copy of endpoint security software with an X.509 certificate. In my mind, this opens up a whole host of possibilities.

In the next few years, large organizations will realize that encryption technologies have become ubiquitous across the enterprise with no central management. This could be a real problem for data restoration, especially in a disaster recovery situation. At that point, they will look for partners to bring order, processes, and central control to this chaos. As of today, Symantec is extremely well positioned for this burgeoning–and extremely critical–market opportunity.

Related posts:

  1. Open E-mail Encryption Issue with Massachusetts CMR 201 17
  2. Symantec + Verisign = Cloud Security
  3. CA Enters Encryption Key Management Market
  4. What Will Symantec Do Next With Verisign?
  5. Amazon EC2 and Symantec: What Does it Mean?

Tags: , Chosen Security, , GuardianEdge, , , , , ,

All views and opinions expressed in ESG blog posts are intended to be those of the post's author and do not necessarily reflect the views of Enterprise Strategy Group, Inc., or its clients. ESG bloggers do not and will not engage in any form of paid-for blogging. Click to see our complete Disclosure Policy.

Add a comment

Search
About ESG | Register | Contact Us | Disclosure Policy | Terms of Use | Privacy Policy
© 2011 Enterprise Strategy Group, Milford, MA 01757 Main: Fax:

Switch to our mobile site