Critical Infrastructure Security, Incident Response, TDR

From RSA: Symantec’s latest R&D

User education was the main theme weaving together Symantec's R&D in enterprise, consumer and SMB security during Monday's Symantec roundtable. Performance, identity, family safety and data loss prevention were the specific topics of discussion between Symantec and industry thought-leaders during the all-day meeting, which actually occurred around a long rectangular table at the Westin on Market.

Kevin Rowney, who founded Symantec's recent DLP acquisition, Vontu, showed bar charts produced by Vontu that show the amount of data loss violations per department. In this case, the largest red-line on the chart led to HR, something Rowney says is quite common. The reports make an excellent education tool and could be used with incentives for departments competing to get the best score on their data practices (see image).

David Mortman, CSO in-residence for Echelon One, recalled how he'd developed his own program a few years back at another company that informed a user of a data gaffe. “It'd say, ‘You just copied confidential data. Did you mean to do that?'” Mortman said. “After that we had a huge drop in that behavior.”

Vontu and other loss prevention vendors have automated this with educational pop-ups telling users how they just violated data use policy. In particular, Trend's DLP product also includes links to additional education should it be required.

Symantec also laid out a Norton family service plan that would enable the technically inclined to remotely administer computer security for their family members and friends who inevitably call when something's wrong. This latter development project of Symantec's could also play to the SMB space, says Michael Santarcangelo, II, founder, Security Catalyst, a security incubation firm in East Greenbush, N.Y.

Mortman, Santarcangelo and other participants saw great value in the ability to assist mom from home or work instead of having to drive over to mom's house whenever she calls. However, they worry about exploitation of the peer-to-peer connection Symantec would be brokering between the family IT administrator and the computers being managed.

Also on the consumer side, Symantec demonstrated a family safety software service alpha, in which families form online safety rules and a simple dialog pops up to tell a young user why mom won't let her talk to SLEAZY_BOY on the web until mom knows more about him. It would also enforce curfew, enforce safe search (blocking certain terms), and let parents know if their 14-year-old is posing as a 19-year-old on MySpace.

Again, attendees of the small gathering saw value in the service, particularly in the case of absentee parents. But they worried about the program being abused by overbearing parents (or spying spouses) or as a replacement for real-world parental supervision.

They were also concerned about the fact that Symantec, by acting as service provider for the family safety program, would control the data and meta data of surf, chat and other sessions that the program stores at a Symantec site. These are records and data that normally don't all exist in one place. Chat would be at the ISP, for example, search at the search engines, and so on.

These are all issues Symantec will be mulling as it plans to release new products along these lines. Symantec wouldn't specify release dates of any of these alpha and beta projects, but expect to see some of these new features appearing in Norton 09 for Windows, with Mac versions lagging sometime behind. 

For more coverage of the RSA Conference, visit our special RSA Conference 2008 microsite. It contains news and announcements from the show floor, as well as podcasts, video and opinion columns from keynote speakers and industry luminaries, like RSA Conference's Sandra Tom La Pedis and Tim Mather, Symantec's John Thompson and Kevin Haley, and IBM's Val Rahmani.

Deb Radcliff

Deb Radcliff was the first investigative reporter to make cyber crime a beat starting in 1996 after researching a best-selling book about Kevin Mitnick called the Fugitive Game. Since then, she has written hundreds of articles for business and trade magazines, won two Neal awards for investigative reporting, and was runner up for a third. She stood up an analyst program for SANS Institute and ran it for 15 years before joining the Cyber Risk Alliance as strategic analyst on the business intelligence unit. And she wrote her first book in a cyber thriller series, “Breaking Backbones: Information is Power,” which is selling well on Amazon and other outlets.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.