'Security for mobile devices represents a great opportunity for us'

Riding on the concept of 'Confidence in the connected world',
digital security solutions major Symantec is growing rapidly and expanding
aggressively. Symantec is making big investments in India in terms of manpower
and intends tapping a larger pie of the Indian security solutions market. The
company has recently launched its second R&D facility in India, based out of
Chennai. The new innovation center will accommodate 1,000 employees who will
compliment the company's existing center of innovation in Pune, which has
2,100 employees. The Chennai center will play a significant role in developing
innovative products and services across Symantec's portfolio and focus
extensively on developing next-generation Security 2.0 products, including the
famed Norton product line.

Symantec's chairman and CEO, John W
Thompson, was recently in Chennai to inaugurate the company's Chennai
center. Thompson has grown Symantec from a small consumer software entity to a
market leader for security and availability solutions aimed at helping customers
to manage their digital assets. In September 2002, US President, George W Bush,
appointed Thompson to the National Infrastructure Advisory Committee (NIAC) to
make recommendations regarding the security of US' critical infrastructure. In
an exclusive interaction with Dataquest, Thompson talks about Symantec's
role in enabling customers to proactively manage their digital assets, whether
it is desktops, notebooks, servers, storage or mobile devices. Excerpts

How do you feel about visiting India?

Every time I come here, I see incredible growth and vitality. Our company is
much about access to talent. In India, our employee size grew by 30%, against
the overall company's HR growth of 11%. This speaks of our commitment to the
Indian market. Expanding into any country is indeed a challenge, and India is no
exception. The first premise is in finding an answer to: How do I get
established as a part of the local operating environment? And to attain this, we
need access to people who can influence outcomes that will help move our
business value. So, we took help of the local government and other partners who
made this center possible.

Managing the end-point has indeed become a challenge today. How
is Symantec addressing this issue?

Our idea as a solutions company is to un-bundle the complexity coming out of
heterogeneity. For instance, if you take the typical data center, it's
populated with a range of devices-Windows, UNIX, Linux and their variants.
What we do is to take the complexity out: the end-point, historically, is
dominated by Windows. However, what emerges or is clear at the end-point is less
about platforms and more about what the user is doing. This represents a huge
opportunity for us to deliver different technologies, that runs not just on
Windows but on diverse devices and OS. For instance, we have just launched
Version 5 of our mobile product that runs on Symbian and Windows Mobile. It's
more about small form factor devices getting the same rich features of a
PC-based environment. Heterogeneity of IT infrastructure represents a great
opportunity for us.

What about Mobile devices and the opportunity for Symantec?

We believe that security for mobile devices represents a great opportunity
for us. Today, users are migrating from a typical PC-based to a multi-device
usage experience. Even in the context of India, huge mobile subscribers added in
millions every quarter represent a huge opportunity.

What is the world beyond firewalls and anti-virus?

The practical answer is in having a larger security strategy. Ultimately,
what we are doing is to protect data, and this means a need to move security
techniques and technologies closer to where data is managed and manipulated. So
encryption technologies-key management technologies-are the ones going to be
important, and will assume another layer to the traditional firewall and virus
solutions. If you look at the most recent trends, large infrastructure software
companies have decided to add security capabilities to their portfolio, which in
my mind underscores this notion that security is no longer a watch room, rather
it has to be built into the application and the very infrastructure.

Are you saying that enterprises need a risk management strategy?

We certainly think that one should think about IT risk management, and
security is one component of that. In the IT risk paradigm the constituents are
aspects like security, compliance, performance, and availability risks. Hence,
an IT organization must have a strategy to deal with all these risks through a
managed strategy. I believe compliance is a very important constituent as
industry and the governments' increasingly say that you need to comply with a
set of rules and guidelines. So here we enable enterprises to manage security,
compliance, and risk.

Do you think there is a convergence of security, storage, and
systems management?

That's the very space we target. We call it infrastructure software
opportunity. Systems, security, and storage management-it's a collection of
software that sits above the OS and below the application; and customers make
huge investments here. And this is the opportunity Symantec is targeting. What
we do is take out the complexity and cost out of the IT infrastructure and usher
in capabilities to meet compliance also. In the process we are also addressing
niche areas like solutions for security threats coming from within. We have
recently launched a brand new product called database security that addresses
this very important but niche domain. These are extension of our Web-based core
security products.

And, managed security services?

We have a very healthy managed security services business around the world.
It's growing at about 20% over the last few years, and our focus here is on
monitoring and managing technologies. Our managed services also show the high
degree of confidence clients have in our technology and services.

Any product company has to deal with piracy, what are your
thoughts here?

I am in favor of any initiative aimed at stopping piracy. Industry and the
governments should work together to stop piracy of all digital media. We work
closely with an organization called Business Software Alliance (BSA) across the
world, and help them and the governments in countries they operate in. BSA is
very active in India and I understand that with their initiatives piracy levels
in India have come down. My view on piracy is that as long as economies do not
have IP-based infrastructure, they do not care about piracy. But India is
playing a bigger role in IP creation and working towards stopping piracy.

Finally, who creates these viruses?

Well, frankly, I don't have an answer. But what started as kids' games
has indeed become big. The point I would like to stress here is the sea change
in threat levels. It's no longer just viruses. There are threats like 'phishing'
that lead to fraudulent money transfers and identity theft. As a security
solutions company, we are providing technologies and services that protect
companies' digital assets in all possible ways.

Ibrahim Ahmad
and Shrikanth G

maildqindia@cybermedia.co.in