Articles on this Page
- 03/24/17--01:39: _賽門鐵克支持其CA
- 03/26/17--12:01: _A Message To Our CA...
- 03/23/17--07:54: _OPM Breach Costs Co...
- 03/28/17--07:40: _Necurs: Mass mailin...
- 03/23/17--08:01: _A Developing Cyber ...
- 03/28/17--19:12: _Necurs: 大宗邮件发送僵尸网络回...
- 03/29/17--10:29: _WEBINAR: Symantec E...
- 03/29/17--10:40: _WEBINAR:
- 03/29/17--14:19: _Channeling my Passi...
- 03/29/17--21:00: _Necurs: メールを大量送信するボ...
- 03/30/17--06:04: _Free Nintendo Switc...
- 03/30/17--22:20: _免费任天堂Switch模拟器以假乱真
- 03/31/17--01:21: _無料の Nintendo Switch...
- 03/31/17--13:20: _Joining Forces with...
- 04/04/17--09:25: _Inspiring Solutions...
- 04/04/17--21:50: _End of Support Life...
- 04/05/17--14:23: _Searching for a New...
- 04/06/17--09:58: _Inspired, United, I...
- 04/06/17--15:14: _IMPORTANT UPDATE: S...
- 04/10/17--06:00: _Longhorn: Tools use...
- 03/24/17--01:39: 賽門鐵克支持其CA
- 03/26/17--12:01: A Message To Our CA Customers
Over time, Symantec would need to revalidate and reissue previously issued certificates
Maximum validity of newly issued Symantec Certificates would be reduced to 9 months
Extended Validation (EV) treatment of Symantec certificates would be removed for at least one year
- 03/23/17--07:54: OPM Breach Costs Could Exceed $1 Billion
- 03/28/17--07:40: Necurs: Mass mailing botnet returns with new wave of spam campaigns
- 03/23/17--08:01: A Developing Cyber Strategy
- 03/28/17--19:12: Necurs: 大宗邮件发送僵尸网络回归伴随着新一波垃圾邮件活动开始
- 03/29/17--10:40: WEBINAR:
- 03/29/17--14:19: Channeling my Passions through a Lifetime of Giving Back
- Most people do not know that at one time in my life I wanted to be a teacher and even took the California Basic Educational Skills Test to become credentialed. Last year, Symantec requested additional volunteers to support the TutorMate partnership through Innovations for Learning. I immediately answered this call.
- The Culver City Senior Citizens Association provides a variety of educational, recreational and social services that meet the needs and interests of seniors and residents with disabilities and all members of the general community. The numerous programs and services offered provide access to information and support as well as opportunities for participation in activities that lead to personal growth, improved health and enriching life experiences. I have volunteered for the Association’s Senior Technology Days helping the elderly gain skills and learn how to leverage technology. Again, skills we take for granted go a long way to providing satisfaction and further independence to seniors.
- Through Culver Palms Meals on Wheels, I have supported providing nutritious meals at an affordable price to persons who are confined to their homes because of illness, accident, convalescence or age. With Meals on Wheels I have also had opportunities to apply my skills in Excel, database management, and Word to strengthen the activities of the organization.
- Additional organizations I’ve volunteered with include Our House Grief Support Center, which provides community grief support services, education, resources, and hope. Since 1993, Our House has helped thousands of grieving children, teens, and adults as they embark upon their journeys to hope and healing. Additionally, Angel City Pit Pulls, an organization dedicated to creating a better future for pit bulls through education, public advocacy, adoptions, and owner support.
- 03/29/17--21:00: Necurs: メールを大量送信するボットネットが、内容を変えてスパム活動を再開
- 03/30/17--06:04: Free Nintendo Switch emulators are fake
- 03/30/17--22:20: 免费任天堂Switch模拟器以假乱真
- 03/31/17--01:21: 無料の Nintendo Switch エミュレータを謳う詐欺にご注意
- 03/31/17--13:20: Joining Forces with Customers for Online Safety
- 04/04/17--09:25: Inspiring Solutions that Transform Communities
- 04/04/17--21:50: End of Support Life for Endpoint Protection 12.x
- Endpoint Protection 12.x clients will no longer be able to download updates from Symantec LiveUpdate or an internal LiveUpdate Administrator.
- Endpoint Protection 12.x clients can still obtain virus definitions from a 14.x Endpoint Protection Manager. This is not a recommended or supported configuration, and should only be considered to maintain protection while completing the upgrade to SEP 14.
- Intrusion Prevention, Proactive Threat Protection and all other content will not be available for download through any means.
- Endpoint Protection 12.x will no longer be supported by Technical Support.
- If a problem does occur, your only course of action with Technical Support will be to upgrade to Endpoint Protection 14. All other requests for support will be denied.
- 04/05/17--14:23: Searching for a New DLP System?
- Please describe how your role supports Symantec's Corporate Responsibility initiatives and strategy – both globally and within your region?
- How did you move into this role? Was it due to a personal passion/interest, development opportunity, project opportunity?
- What advice would you give to encourage employees to become involved in corporate responsibility at their company? Especially those that may not feel their knowledge/skills are relevant, or understand how corporate responsibility relates to what they do?
- 04/06/17--15:14: IMPORTANT UPDATE: Status of Symantec’s Distribution GTM Changes
- 04/10/17--06:00: Longhorn: Tools used by cyberespionage group linked to Vault 7
In connection with the statement posted to Symantec’s Blog on March 24, 2017, Symantec has been reaching out to its customers. The text of our most recent customer communication is below:
On March 23, Google posted a blog on a public forum outlining a set of proposals targeted at Symantec SSL/TLS certificates. This was unexpected, and I wanted to reach out to explain what this proposal means for Symantec customers and how we will respond to Google’s proposal, if implemented, in order to ensure business continuity for you. I also want to address Google’s claims about Symantec’s certificate issuance processes and reaffirm our continued commitment to transparency of our practices as a public certificate authority.
First and foremost, I want to reassure you that you can continue to trust Symantec SSL/TLS certificates. Google has outlined proposals, not actions. We object to its proposals and intend to engage with Google to work through its concerns.
To be specific, the key terms of Google’s proposal are as follows:
In the event Google implements its proposal, Symantec will ensure your websites, webservers or web applications continue to work across browsers. Specifically, this may require Symantec to reissue your certificates, which we would do as needed, at no charge to you, to meet the fully expected validity period. In addition, Google’s proposal requires shorter validity certificates, which we would support. We anticipate Google may attempt to impose this shorter validity period on the entire industry, as they have previously tried to do so through an initiative at the CA/Browser forum that was voted down. Shorter certificate validity periods increase customer expense, which we are working to reduce by making considerable investments in automation. We would work with our customers to provide tools to manage any validity period changes that Google might unilaterally impose.
Finally, while Google and Chrome have long been working to remove special treatment for EV certificates in general, other browsers continue to recognize it. We will continue to work with Google and other members of the CA/Browser forum on security best practices for the industry. Our customers get value from the extensive validation on our EV certificates, and derive meaningful results from them. Our brand is powerful: our certificates secure more than 80% of ecommerce revenue and our Norton Shopping Guarantee on average increases ecommerce revenue by more than 5%.
We are proud to be one of the world’s leading certificate authorities. We operate our CA in accordance with industry standards. We maintain extensive controls over our SSL/TLS certificate issuance processes and we work to continually strengthen our CA practices. We have substantially invested in, and remain committed to, the security of the Internet. Symantec has publicly and strongly committed to Certificate Transparency (CT) logging for Symantec certificates and is one of the few CAs that hosts its own CT servers. Symantec has also been a champion of Certification Authority Authorization (CAA), and asked the CA/Browser Forum for a rule change to require that all certificate authorities explicitly support CAA. Our most recent contribution to the CA ecosystem includes the creation of Encryption Everywhere, our freemium program, to create widespread adoption of encrypted websites.
Google’s blog statements about our issuance practices and the scope of our past mis-issuances are exaggerated and misleading. For example, Google’s claim that we have mis-issued 30,000 SSL/TLS certificates is not true. In the event referred to by Google, 127 certificates – not 30,000 – were identified as mis-issued, and they resulted in no consumer harm. We have taken extensive remediation measures to correct this situation, immediately terminated the involved partner’s appointment as a registration authority (RA), and in a move to strengthen the trust of Symantec-issued SSL/TLS certificates, announced the discontinuation of our RA program. This control enhancement is an important move that other public certificate authorities (CAs) have not yet followed.
We do not believe Google’s proposal is in the best interest of the Internet community. We are working to resolve the situation with Google in the shared interests of our joint customers and partners.
In closing, we take certificate issuance very seriously. The events that prompted Google to propose these changes have been addressed with the utmost transparency. We are working hard to ensure that this proposal does not create disruption for you. Please let me know if you would like to schedule a call.
Executive Vice President & GM, Symantec Website Security
Greg Touhill, less than a week after his resignation as the first government-wide chief information security officer (CISO), estimated that the cybersecurity breach at the Office of Personnel Management (OPM) could cost the government more than $1 billion in identity management solutions over the next decade.
Speaking at the Institute for Critical Infrastructure Technology’s Winter Summit, Touhill helped give a little more insight into the potential financial cost of the 2014 breach. OPM issued a contract in 2015 that could be worth more than $500 million to provide credit monitoring to the more than 21 million people affected by the breach.
The OPM breach offers two key learning opportunities for the Trump administration, even two-plus years after it happened. First, the breach shows not only the personal impact on citizens, but also the financial crunch on government. Touhill’s $1 billion estimate is just part of what the total cost will be to government, an amount that may not be fully known for many years to come.
Second, the OPM breach can serve as a warning to take future threats seriously. The Trump administration has already issued an outline of its cybersecurity policy. As the administration takes root, equipping agencies with the right tools and policies will be paramount. The OPM breach is the worst government cyberattack in history, but one that could be repeated without proper care.
Data loss prevention (DLP) has been proven to be one of the best tools to mitigate the possibility of a significant breach like we saw with OPM. DLP can restrict confidential information like logins and passwords from leaving the safety of the network. It can also prevent data breaches from becoming major incidents, monitoring what confidential information is leaving a network’s endpoints. Additionally, it allows security staff to determine what was compromised, through what channel and more. DLP solutions protect the one thing that hackers want: data.
By placing a focus on incorporating DLP solutions into an overall cyber strategy, the Trump administration can promote the reduction in cyber breaches, while reducing their severity – and financial implications – at the same time.
For more information about DLP, read this report.
Unexplained three-month absence resulted in a seven-fold decrease in rate of emails containing malware.
President Trump held a listening session with officials and outlined cyber priorities during a January 31 meeting as the administration focuses on putting together a more comprehensive cybersecurity strategy.
Federal Computer Week reported on the meeting, including a number of details that the cyber community will be happy to see. First and foremost is an understanding from the Trump administration of the importance of cybersecurity along with an approach that builds upon existing cybersecurity efforts.
The Trump administration has also spent time working on a cybersecurity executive order that will require agencies to implement the National Institute of Standards and Technology cybersecurity framework to manage risk. And, the administration also plans to conduct four separate cybersecurity reviews. These will look at cyber vulnerabilities and recommendations for protection; an assessment of the capabilities of cyber adversaries; a look at federal cyber capabilities; and a plan to work with the private sector to boost public-private information sharing.
"We must work with the private sector - the private sector is way ahead of government in this case - to make sure that owners and operators of critical infrastructure have the support they need from the federal government to defend against cyber threats," Trump said at an event to discuss his administration’s early cyber efforts.
All of these are positive steps. As the FCW story suggests, the Trump administration is taking a thoughtful and thorough approach to setting up a cybersecurity policy. While it is one thing to rush policies into place, the administration appears to be learning from experts in the field and then making decisions based off those conversations.
That is the best way to ensure that the nation’s cybersecurity roadmap is clear.
Throughout these reviews, the Trump administration will consider many things. At the top of their list should be a robust cloud security approach. While the administration has shown a desire to cut government spending, an increased use of cloud computing could help do that, at least when it comes to information technology. Agencies have been slower than the private sector to move to the cloud because of security concerns, something that has been addressed, but never fully fixed.
At Symantec, we’ve championed a consume, build and extend model to going to the cloud. While there are many methods for cloud security, we’ve found this to be one that allows organizations to use cloud services with confidence while not becoming so restrictive that the cloud loses its advantages. We congratulate the Trump administration on the steps they’ve taken so far in cybersecurity and believe with the right focus can continue to improve the government’s overall network security. Working cooperatively with industry as the administration’s cyber policy progresses will only strengthen the government’s ability to “move the dial” in protecting its assets and information.
WEBINAR: SEP 14: Part 4 of 5: Easy Ways to Improve Your Security Posture
TIME: 10:00 AM PT / 1:00 PM ET
SPEAKER: Kirk Gibbons, System Engineer, Symantec
5-Part Webinar Series: Endpoint Protection…what really matters?
Part 4 of 5: Easy Ways To Improve Your Security Posture
Effective communication between the network and the endpoint is critical to quickly identifying advanced threats and preventing the spread of infection. The more automated the process the less damage an attack can do.
Join use to learn what tight integration between Symantec Endpoint Protection and Secure Web Gateway looks like. You will discover:
•Why tighter integration between the network and endpoint improves security posture
•How new REST APIs help orchestrate a rapid response at the endpoint
•What the future plans are for new APIs, integrations, and global threat intelligence
Lastly, watch a demo that showcases how easy it is to integrate Symantec Endpoint Protection and Secure Web Gateway and what orchestrated response looks like.
Register Today: Click Here
• Symantec Endpoint Protection 14 Webinar Series Part 1 of 5: Addressing Unknown Threats with Advanced Machine Learning http://bit.ly/SEP14Series0126
• Symantec Endpoint Protection 14 Webinar Series: Part 2 of 5: Block The Risk Of Ransomware http://bit.ly/Part2Webinar0223
• Symantec Endpoint Protection 14 Webinar Series: Part 3 of 5: Achieving Zero-Day Attacks and What To Do About It http://bit.ly/Part3Webinar0323
TIME: 10:00 AM PT / 1:00 PM ET
SPEAKER: Ken Durbin, CISSP Strategist: CRM & Threat Intel, Symantec
Considered the gold standard for cybersecurity, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is being utilized by the Federal Government agencies to reduce risk.
Key Learning Objectives:
•Overview of the NIST CSF
•How the NIST CSF is currently being used by the Federal Government to compliment The Federal Information Security Management Act (FISMA )
•Possible future use cases
Join this webcast for a review on best practices for the NIST CSF being utilized by Federal, State and Local Government
Symantec’s Volunteer of the Quarter initiative highlights and rewards those employees who dedicate their time and talents to those in need. We have a long and proud history of encouraging our employees to volunteer. While the driving force of our efforts is largely altruistic, there is even more to volunteering than giving back to our communities. Volunteering makes our company a better place to work, so employees are helping both Symantec and the organizations they volunteer for.
Today we highlight Yvette Washington, Sr. Business Operations Analyst at Symantec who has a 20-year history serving her communities.
Symantec’s Volunteer of the Quarter Yvette Washington shares her story of giving back for the past 20 years.
You know when you meet that person who seems like they have done every job under the sun? I am that person when it comes to volunteering. For over 20 years, I have been volunteering ten hours per month to a number of different causes, including one-off opportunities that interest me. Whether leveraging my technology skills to educate seniors, setting up for events, leading arts and crafts activities, supporting animal protection, assembling backpacks for camping trips, conducting office work, gardening, painting. You name it, I have done it.
I volunteer because I choose to make a positive difference in someone else’s life and in doing so I get the benefit of having my life changed as well. Additionally, volunteering has allowed me to apply myself in areas I have always been passionate about such as education. Lastly, I have realized the potential impact of my skills and expertise outside of primary day job. For example, I apply my technology know-how to support seniors increase their knowledge and use of technology, support nonprofits by leveraging my skills in Excel, database management, and Word, and I have learned to build and manage teams more effectively.
We often take our core professional skills for granted as we use them every day. However, remembering that not everyone has the skills themselves or that every organization has the resources to recruit them, will expand your perception of how you can help and give back. Additionally, most of us find enjoyment doing what we do best, especially when it is helping others.
Over the past twenty years, my outlook on life has been impacted by my involvement with various organizations (including, but not limited to):
Innovations for Learning is a national nonprofit that has been working for more than 20 years to help primary grade teachers be more effective in their pivotal task of teaching students to read. TutorMate, a program of Innovations for Learning, is one of the nation’s leading online volunteer tutoring programs helping tens of thousands of first grade students in low income communities learn to read. A great part of TutorMate’s platform is you can volunteer from anywhere. Your home, your desk, anywhere that fits your schedule. Through the online platform over 200 leading corporations and organizations are supporting literacy for low-income students.
This volunteer opportunity is unique in that it has allowed me to fulfill one of my life long passions without even leaving the office.
People often ask how I find the time to volunteer. Seeing the direct impact that charities have on people has made me want to support these organizations. I have also been able to channel my passions through a lifetime of giving back and for this, I am grateful.
For Yvette Washington, Symantec Volunteer of the Quarter, managing teams and people management are two skills professionals can strengthen by taking part in collective efforts to give back.
Necurs が、理由不明のまま休止していた 3 カ月の間、マルウェアを含むメールの比率は 7 分の 1 にまで減少していました。
Fake emulators for newly released Nintendo console used as bait to get users to fill out survey scams and download potentially unwanted applications.
At Symantec, we operate one of the world’s largest cyber intelligence networks, which means we see more threats and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives. As we engage in assisting customers, we instill our brand vision, mission, and values into every interaction.
Cyber security is a critical issue facing businesses, institutions, and individuals across our global society. In 2015 alone, we saw a record setting total of nine megabreaches of personal data, and the reported number of exposed identities jumped to 429 million. While protecting information is the purpose of our business, we also believe it should be a central element of corporate responsibility for every company in the digital age. Through our Global Intelligence Network, made up of more than 63.8 million attack sensors recording thousands of events per second, and the monitoring of threat activity in more than 157 countries and territories, we are continually serve the security needs of our customers.
In addition to educating our customers on how to leverage our world-class cybersecurity products, we often seek opportunities to educate them, their families, and communities on personal cybersecurity.
For example, as part of our community efforts to promote online safety, Symantec’s Saudi Arabia office recognized an opportunity with customer Saudi Electricity Company to offer online safety education to employees and families of the country’s primary electric utility company. With digital transformation core to the country’s “2030 Vision” safety online is a top priority for corporations and community leaders. The initiative also helped support the company’s own CR efforts for community engagement offering online safety training for children and employees of the company.
Leveraging Norton’s Online Safety in the Community materials as well as those developed in partnership with partner Common Sense Media, volunteers from Symantec’s Saudi office dedicated time to developing and localizing content for over 20 online safety sessions. In November and December of last year alone, they offered 12 Internet Security Awareness sessions across four main cities, supported by 36 Symantec volunteers.
To date, through the partnership with Saudi Electricity Company, Symantec has offered training for more than 100 children ages 6-18 years, along with 52 Saudi Electricity Company employees.
Throughout the events, we found that students and families were very interested in the subject, especially with regards to cyberbullying as the subject is not often openly discussed. For example, the students shared examples of cyberbullying among friends and were very interested how to identify and deal with such incidents.
Corporate responsibility (CR) is a key component of Symantec’s brand vision, mission and values, and strengthens our ability to build trust and loyalty with our stakeholders, including customers. Many people, including our customers, may assume that CR is a separate part of our business, when it is often integral to the value we offer customers and demonstrates our shared desire to making our world a safer place.
Symantec partners with Saudi Electricity Company to provide online safety education to employees and their families.
Eyas Hawari is Symantec’s Country Manager Saudi Arabia
 Symantec ISTR Report, Volume 21, 2016
At Symantec, we believe that together, we have the power to change the world and make it a better, safer place. We connect our business to society, supporting nonprofits and other community organizations through grants and software donations. Core to this is providing support to the communities we operate in across the world.
Located among one of the world’s epicenters for business and technology, the business community of Mountain View has continued to thrive, however, not without its challenges. From improving access to community resources, to ensuring equal opportunities for quality education and healthcare, to rising rental costs, Mountain View is similar to most communities where opportunities for improvement lie.
Enter Inspire Mountain View, a contest to inspire innovation that makes Mountain View, the location of our corporate headquarters, a more compassionate and equitable community, and a better place to work and play. We are excited announce a $50,000 sponsorship of the contest that will uncover top solutions to strengthen the community either lead or sponsored by nonprofits.
Highlighted in a February article on the challenge by local media The Mountain View Voice, "We're calling on all innovators, creators and dreamers who want to make Mountain View a better place," said Joe Eyre of the Los Altos Community Foundation, managing partner for Inspire Mountain View. "The whole idea here is to make the community more compassionate, equitable and a better place to live and work."
Symantec joins three other leading Silicon Valley technology peers supporting the contest – Google, LinkedIn and Synopsys.
A total of $175,000 will be awarded in three grants of $25,000, $50,000 and $100,000. Voting is open to the public from any location, region, country and runs from April 4 – 21, with the winners in each category announced on May 3rd.
Join us to become inspired by the creative and innovative ideas of others, and to support a competition for community changing solutions!
Symantec have published a document stating the End Of Life for Symantec Endpoint Protection for 12.X.
The URL has all the details of the dates, differences between SEP 12.x & SEP 14 and most frequently asked question. SEP administrators should start planning the upgrade of the SEP 14.End of Support Life for Endpoint Protection 12.x
What April 3rd, 2021 means to you
The benefits of upgrading to Endpoint Protection 14 go well beyond the end of virus definition updates, security updates, and technical support for version 12.x. Endpoint Protection 14 provides overall improved security and better protects your environment today, as well as tomorrow.
It's a familiar refrain: Cloud services and mobile devices have made the challenges of safeguarding company data even more acute. Sensitive information now travels far beyond the relative safety of in-house networks into consumer cloud storage services where it's accessed by employees using unsecured mobile devices.
Yet while these risks are well understood, the number of data breaches continues to rise. A combination of greater security complexity and motivated cybercriminals has made the management and protection of corporate data increasingly more challenging.
One way to maximize protection against data loss and theft is the deployment of an advanced data loss prevention (DLP) solution. To help you effectively protect your organization, we've listed the following seven key features to look for when evaluating a DLP system.
1. Content-aware detection capability
One of the cornerstones of sound security is the ability to detect, with great accuracy, all of the confidential information in an organization — whether that information is at rest, in use, or in motion. More specifically, advanced DLP systems should possess the ability to fingerprint structured data sources, use fingerprinting techniques to uncover confidential information in unstructured data (such as Microsoft Office documents, PDFs and JPEGs) and detect content by looking for matches between keywords, expressions, patterns and file properties.
Additionally, the most advanced DLPs employ vector machine learning to protect intellectual property that may be challenging to describe due to subtle characteristics (think source code or financial reports). This type of rare or difficult-to-describe content is detected using the statistical analysis of unstructured data to compare it to similar content or documents.
By employing these content-aware detection capabilities, organizations can find confidential data stored virtually anywhere and in any format, while greatly reducing false positives.
2. The ability to define and enforce policies across an entire environment
These days data is dispersed across a variety of devices and storage environments, making the ability to consistently define and enforce policies an imperative. The best DLP solutions combine a unified management console with a business intelligence reporting tool, providing the ability to write policies and enforce them everywhere while reducing information risks.
This setup provides the functionality to define data loss policies, review and repair any incidents, and conduct basic system administration across all endpoints, mobile devices, cloud services and on-premise systems. Additionally, the best solutions provide a robust analytics tool that allows for ad hoc analysis and advanced reporting. Users can extract and summarize system data to create reports and scorecards for various organizational stakeholders.
These features ensure consistent policy application and the ability to take action, when the need arises, to safeguard sensitive data.
3. Strong protection and monitoring features for cloud-based storage and email
The cost savings and added flexibility offered by cloud migration are enticing benefits. Yet it's critically important to reap these rewards without compromising in terms of visibility and the control of sensitive business data. That's why the most sophisticated DLP solutions give you enterprise-grade protection and monitoring for cloud-based storage and email.
These features assist in secure collaboration among employees but with deep visibility into files that users store and share on Box, for example. Users can tap into powerful content discovery tools to quickly scan Box Business and Enterprise accounts in an effort to see what's being shared, stored and used — then remediate policy violations as they are discovered.
An advanced DLP solution should also have the capability to monitor and protect sensitive information transmitted via email, making sure of quick detection of sensitive data and the subsequent notification of users creating policy violations. Suspect emails should be redirected to a secure encryption gateway or blocked in real time to prevent leakage of the most sensitive information.
4. Securing data on traditional endpoints
The emergence of mobile and cloud hasn't lessened the need to protect traditional endpoints, which continue to serve as a critical repository for confidential business data. The best DLP solutions include the functionality to monitor, discover and protect information on desktops, whether traditional or virtual, as well as off or on corporate networks.
The right DLP solution should include features for local scanning, detection and real-time monitoring for a variety of events across a range of operating systems. It should also enable the monitoring of confidential data that is being copied, downloaded or transmitted between laptops and desktops, whether it involves applications, email, cloud storage or removable storage.
Additionally, the use of multiple scanning options (such as idle and differential scanning) to increase performance, and pop-up notifications in the event of a policy violation, are desirable features that help ensure endpoint users are fully protected.
5. Full protection for mobile devices
Today the line between our business and personal lives has grown very blurry, thanks in large part to our mobile devices. Users want (and expect) to be able to access sensitive business data where they want and how they want — which often means they'll use personal devices to do so.
A powerful DLP solution can help businesses make concessions to today's evolving business norms without sacrificing security by offering monitoring and protection functionality to all iOS and Android devices, regardless of ownership. The ability to monitor and detect when users are downloading confidential material to their iOS and Android devices — and to prevent such transmission when necessary — is imperative for full mobile security.
6. An answer to the problem of unstructured data
Unstructured data presents a real challenge — it represents the vast majority of all data and it's growing at a rather jaw-dropping rate of 70 percent annually. Given this growth, it's no surprise that organizations find it difficult to manage and protect this data effectively.
The most advanced DLP solutions, however, help tackle this problem by letting organizations take control of their unstructured data, making it less vulnerable to cybercriminals and less-than-diligent employees. The first step is a rigorous scan of databases, network file shares and other repositories, using cutting-edge technology that can recognize hundreds of different file types based on the binary signature of the file.
The best DLP solutions then have the power to automatically secure any exposed files that are detected, making sure to quarantine or move files, or apply policy-based encryption and digital rights to specific files. Custom file remediation options — and easy integration with third-party security solutions — are also key features.
Finally, a data governance tool that's designed with unstructured data environments in mind can offer you highly actionable intelligence into data ownership and usage. By discovering confidential files, identifying data owners and understanding access history and file permissions, you can illuminate "dark data" by shining a light on the data in your environment, ultimately gaining the ability to see who owns it, who can access it and how it's being used.
7. Protection for data in motion
Studies show that half of all employees use personal accounts to handle work email. Given this, it's hardly surprising that emails and the web are where most data gets lost. By investing in an advanced DLP solution, however, you can significantly reduce the odds of this occurring by monitoring a wide range of network protocols and preventing users (both authorized and otherwise) from mishandling data.
The right DLP solution can detect confidential information over a range of protocols (HTTP, FTP, SMTP, custom port-specific protocols, etc.) while providing thorough content inspection of all communications without packet loss (some solutions will sample packets during peak loads, but this creates a greater risk for false negatives).
Additionally, inspections of business email and outbound web traffic for confidential data — with subsequent notifications for policy violation — are a fundamental feature for protecting moving data.
Cloud and mobile have conferred profound benefits on today's organizations — yet they've also raised the ante in terms of security. To give your business maximal protection against data loss and theft, make sure your next DLP system offers the seven core features outlined above.
From increasing the diversity of our workforce and industry to reducing our environmental impacts to empowering our communities through philanthropic investments and volunteering, corporate responsibility (CR) touches every aspect of Symantec’s business. We’ve defined our strategy and are continually working towards our goals to operate as a responsible global citizen.
In addition to our dedicated global corporate responsibility team, every day Symantec employees across countries and business units collaborate to deliver on our mission of protecting our customers, our communities and our planet.
We are happy to feature a quarterly series – Inspired, United, Ignited: Symantec’s Corporate Responsibility Champions- that profiles stand out examples of our how our employees directly contribute to the implementation of our CR strategy. Some are leaders in our CR team, members of our Green Teams or champions for our employee resource groups, others are innovating to address needs in their function or region. All are inspiring others, uniting communities and igniting change to make Symantec a leading corporate citizen and to make our world a safer place.
Today we highlight Fran Rosch, Executive Vice President and General Manager of Consumer Business Unit at Symantec, passionate about supporting Symantec’s corporate culture of responsibility.
I want to create an organization that is supportive of volunteerism and other corporate responsibility (CR) activities. Where our leaders walk the talk and demonstrate to employees that CR is a core value of the company, that we are making room for our employees to contribute to our CR initiatives or those they are passionate about.
To achieve this, we are embedding volunteerism into how we do business, using it as a way to empower employees, to channel their passions and to connect with each other in new ways. Just as relationships are built jointly achieving business goals, they can be built and strengthened achieving impact for our communities.
We have set a goal to reach four hours of volunteer time per employee. At present, 22.1% of employees log at least four hours of volunteer time through our support of over 200 nonprofits.
As the executive sponsor of Symantec’s LGBT employee resource group PRIDE, diversity of our workforce is a personal passion. I am working with global diversity leaders to ensure that the business identifies targets and diversity is integrated into recruiting and retention plans. I believe we have come a long way, but still have much farther to go.
Participating in activities helps us move forward as a business. I have seen the power of volunteering, the joy and satisfaction after returning from an activity. I also see the direct benefit of diversity on teams on a daily basis. We don’t thrive when we all bring the same perspective and experiences to the table. The more diverse we are – whether it is socioeconomic, gender, race, culture – the more ideas and options we present leading to successful growth and innovation.
Lastly, business is personal, and people like to buy from people, especially those that share your values and respect. I believe that universally people value organizations that share their values, support their communities. Diversity and community giving at Symantec is often a common ground where I connect with customers and business partners. A focus on creating social impact makes us more well-rounded as individuals and companies, it builds stronger relationships.
My passion for making a difference in the lives of others really stems from my childhood. I grew up in a family where inclusivity, respect and thought for others was central to our family ethos.
Sometimes you take for granted how the values instilled at a young age make an impact on your life later on. I was a brother to three sisters and there was never a differentiation in how we were treated, the expectations of us, the opportunities that our parents supported us in pursuing. That has played a direct role in my passion to ensure everyone is supported in this way, at Symantec and in the broader community.
I am in a very lucky position at Symantec. My broader responsibilities as a leader of Symantec's Consumer Business Unit has allowed me to take my passions for diversity and service and promote them throughout the organization. I have the opportunity to bring ideas to life and to hopefully positively influence on a large scale.
Additionally, having a dedicated team focused on CR and diversity makes all the difference. With a team looking at how corporate giving and diversity can strategically be embedded in our business gives that much more purpose to the individual actions of our employees. This team is constantly creating unique opportunities and employees appreciate this, they see the connection to our business and the world, and want to do their part to support this.
Fran Rosch, EVP and GM, Consumer Business Unit at Symantec shares his passions and inspiration for supporting a culture of corporate responsibility at Symantec.
First off,find your passion and channel it.
What has your personal and professional journey taught you? What passions have you developed along the way? How can those be applied to achieving impact.
Additionally, people get motivated in different ways – some thrive on a busy schedule, some are most productive if they feel like they have a balanced life. Find the balance that works for you.
One person cannot do everything and we are all extremely busy in our professional and personal lives. I can’t, and don’t, take part in every opportunity that comes my way. Find opportunities that suit you and your schedule, and don’t forget that every bit counts.
Instead, I look for ways that giving back can complement my role. For example, I encourage our business unit employees to bring CR opportunities to team meetings. Whether it is supporting STEM education or going to the Food Bank, it is a great way to get to know each other. We often integrate giving opportunities into off sites for those who may not be aware of opportunities or be able to take the time outside of office hours.
Additionally, Symantec has done much of the hard work of finding and developing points of engagement. All you need to do is take part! For example, our employee resource groups (ERGs) offer activities around specific areas such as LGBT or gender diversity, supporting our young professionals. Through Global Service Week you can take time off to volunteer, the matching grant program means that your donations are automatically doubled, and through Dollars for Doers volunteer hours are matched with donations.
Through all of this your impact is multiplied – meaning your one hour a year, or one hour per week, can always go one step further.
I hope you will join me, and thousands at our company, to find your passion for giving back, channel it and make a difference in the lives of others.
As you know, we have been hard at work integrating the Symantec and Blue Coat partner communities. I wanted to give you a quick status update on changes to our Distribution GTM.
We are in the process of integrating the Symantec and Blue Coat distribution partners into a single Distributor landscape. Strategically, we decided to fine-tune our Distribution GTM approach by partnering with fewer, more strategic Distributors who will provide more support to you during the sales cycle.
We are dividing our Distributors into a select few “Multi Geo” Distributors and a variety of Local Distributors. We also are awarding distribution rights to support only our SMB business, only our Enterprise Security business, or both. We have chosen our Distribution partners, awarded specific distribution rights, and are currently in the process of signing contracts with all of them.
I am happy to share that we’ve chosen our Authorized Distributors for the Enterprise Security business in North America: Ingram Micro, Synnex, and Westcon |Comstor.
I’ll share our selections for Authorized Distributors in the Small Business and Public Sector segments in a future communication. We expect contracts to be signed by mid-April. Once we are formally in contract with our strategic Distributors, we will post a list of Authorized Distributors on PartnerNet by April 15th.
Your Symantec Sales Representative will work closely with you to ensure your business is not disrupted during the rollout of our new Distribution GTM model. Rest assured, Symantec will honor open quotes issued in Q4 until these expire during Q1.
If you have any concerns whatsoever, please reach out to your Symantec Sales Representative or contact me directly at firstname.lastname@example.org
Thank you for your continued partnership.
VP Channel Sales, Americas
First evidence linking Vault 7 tools to known cyberattacks.