'Security for mobile devices represents a great opportunity for us'

Riding on the concept of 'Confidence in the connected world',

digital security solutions major Symantec is growing rapidly and expanding

aggressively. Symantec is making big investments in India in terms of manpower

and intends tapping a larger pie of the Indian security solutions market. The

company has recently launched its second R&D facility in India, based out of

Chennai. The new innovation center will accommodate 1,000 employees who will

compliment the company's existing center of innovation in Pune, which has

2,100 employees. The Chennai center will play a significant role in developing

innovative products and services across Symantec's portfolio and focus

extensively on developing next-generation Security 2.0 products, including the

famed Norton product line.

Symantec's chairman and CEO, John W

Thompson, was recently in Chennai to inaugurate the company's Chennai

center. Thompson has grown Symantec from a small consumer software entity to a

market leader for security and availability solutions aimed at helping customers

to manage their digital assets. In September 2002, US President, George W Bush,

appointed Thompson to the National Infrastructure Advisory Committee (NIAC) to

make recommendations regarding the security of US' critical infrastructure. In

an exclusive interaction with Dataquest, Thompson talks about Symantec's

role in enabling customers to proactively manage their digital assets, whether

it is desktops, notebooks, servers, storage or mobile devices. Excerpts

How do you feel about visiting India?



Every time I come here, I see incredible growth and vitality. Our company is
much about access to talent. In India, our employee size grew by 30%, against

the overall company's HR growth of 11%. This speaks of our commitment to the

Indian market. Expanding into any country is indeed a challenge, and India is no

exception. The first premise is in finding an answer to: How do I get

established as a part of the local operating environment? And to attain this, we

need access to people who can influence outcomes that will help move our

business value. So, we took help of the local government and other partners who

made this center possible.

Managing the end-point has indeed become a challenge today. How

is Symantec addressing this issue?



Our idea as a solutions company is to un-bundle the complexity coming out of
heterogeneity. For instance, if you take the typical data center, it's

populated with a range of devices-Windows, UNIX, Linux and their variants.

What we do is to take the complexity out: the end-point, historically, is

dominated by Windows. However, what emerges or is clear at the end-point is less

about platforms and more about what the user is doing. This represents a huge

opportunity for us to deliver different technologies, that runs not just on

Windows but on diverse devices and OS. For instance, we have just launched

Version 5 of our mobile product that runs on Symbian and Windows Mobile. It's

more about small form factor devices getting the same rich features of a

PC-based environment. Heterogeneity of IT infrastructure represents a great

opportunity for us.

What about Mobile devices and the opportunity for Symantec?



We believe that security for mobile devices represents a great opportunity
for us. Today, users are migrating from a typical PC-based to a multi-device

usage experience. Even in the context of India, huge mobile subscribers added in

millions every quarter represent a huge opportunity.

What is the world beyond firewalls and anti-virus?



The practical answer is in having a larger security strategy. Ultimately,
what we are doing is to protect data, and this means a need to move security

techniques and technologies closer to where data is managed and manipulated. So

encryption technologies-key management technologies-are the ones going to be

important, and will assume another layer to the traditional firewall and virus

solutions. If you look at the most recent trends, large infrastructure software

companies have decided to add security capabilities to their portfolio, which in

my mind underscores this notion that security is no longer a watch room, rather

it has to be built into the application and the very infrastructure.

Are you saying that enterprises need a risk management strategy?



We certainly think that one should think about IT risk management, and
security is one component of that. In the IT risk paradigm the constituents are

aspects like security, compliance, performance, and availability risks. Hence,

an IT organization must have a strategy to deal with all these risks through a

managed strategy. I believe compliance is a very important constituent as

industry and the governments' increasingly say that you need to comply with a

set of rules and guidelines. So here we enable enterprises to manage security,

compliance, and risk.

Do you think there is a convergence of security, storage, and

systems management?



That's the very space we target. We call it infrastructure software
opportunity. Systems, security, and storage management-it's a collection of

software that sits above the OS and below the application; and customers make

huge investments here. And this is the opportunity Symantec is targeting. What

we do is take out the complexity and cost out of the IT infrastructure and usher

in capabilities to meet compliance also. In the process we are also addressing

niche areas like solutions for security threats coming from within. We have

recently launched a brand new product called database security that addresses

this very important but niche domain. These are extension of our Web-based core

security products.

And, managed security services?



We have a very healthy managed security services business around the world.

It's growing at about 20% over the last few years, and our focus here is on

monitoring and managing technologies. Our managed services also show the high

degree of confidence clients have in our technology and services.

Any product company has to deal with piracy, what are your

thoughts here?



I am in favor of any initiative aimed at stopping piracy. Industry and the
governments should work together to stop piracy of all digital media. We work

closely with an organization called Business Software Alliance (BSA) across the

world, and help them and the governments in countries they operate in. BSA is

very active in India and I understand that with their initiatives piracy levels

in India have come down. My view on piracy is that as long as economies do not

have IP-based infrastructure, they do not care about piracy. But India is

playing a bigger role in IP creation and working towards stopping piracy.

Finally, who creates these viruses?



Well, frankly, I don't have an answer. But what started as kids' games
has indeed become big. The point I would like to stress here is the sea change

in threat levels. It's no longer just viruses. There are threats like 'phishing'

that lead to fraudulent money transfers and identity theft. As a security

solutions company, we are providing technologies and services that protect

companies' digital assets in all possible ways.

Ibrahim Ahmad

and Shrikanth G



maildqindia@cybermedia.co.in