LAUNCH NOTIFICATION: PartnerAssist Transformation Assistance for NetBackup Catalog Manipulation (Update)
Overview
We are pleased to announce an update to the existing PartnerAssist Transformation Assistance for NetBackup Catalog Manipulation service. This service update includes updated IP artifacts and new automation tools which are utilized in providing support assistance with Catalog manipulation for NetBackup 7.5 software only implementations as well as for the majority of scenarios utilizing NetBackup Appliances. This service is available to eligible Partner Consultant’s for fee, effective January, 25th 2013. Please contact the PartnerAssist team on a per engagement basis to determine the number of service units (hence cost) required. This service is also available to Symantec Consultant’s, on an as needed basis.

寄稿: Joseph Bingham

数週間前にシマンテックは、航空宇宙/防衛産業に属するグループを標的にしたスピア型フィッシング攻撃の急増を確認しました。この攻撃で狙われた組織は少なくとも 12 を数え、航空機メーカー、航空管制局、政府、軍事企業などが含まれています。
 

図 1.航空宇宙/防衛産業を標的にしたスピア型フィッシングメール
 

攻撃者は、標的を選ぶ際に取締役や副社長といった要職にある個人を特定しています。電子メールの内容はいずれも同一で、航空宇宙/防衛産業の展望に関して 2012 年に発行されたレポートがエサとして利用されています。これは、元の電子メールがこのレポートを作成した企業から送られてきたように見せかけるためです。また、社内の従業員によって、あるいは対象となる産業に属する関係者から転送されたように思わせる工夫もされていました。

この電子メールに添付されている悪質な PDF ファイルを開くと、Adobe Reader の 'SWF' ファイルに存在するリモートメモリ破損の脆弱性（CVE-2011-0611）の悪用が試みられます。悪用に成功すると、悪質なファイルだけでなく、成功率を高めるために正常な PDF ファイルも一緒に投下されます。
 

図 2.ユーザーに表示される正常な PDF ファイル
 

投下される正常な PDF ファイルは業界レポートで、これはエサと考えられますが、不思議なことに攻撃者はわざわざこれに手を加えてブランド情報を削除しています。

正常な PDF ファイルの裏では、svchost.exe ファイルの悪質なバージョンが投下されます。このファイルが悪質なバージョンの ntshrui.dll を Windows ディレクトリに投下します。この脅威で使われているのが、DLL 検索順乗っ取りとして知られる手口です（ntshrui.dll は KnownDLLによって保護されていません）。svchost.exe ファイルが explorer.exe ファイルを呼び出すと、explorer.exe は Windows システムディレクトリにある正規の ntshrui.dll ではなく、Windows フォルダにある悪質な ntshrui.dll ファイルをロードします。シマンテックは、この svchost.exe ファイルと ntshrui.dll ファイルをどちらも Backdoor.Barkioforkとして検出します。

このバージョンの Backdoor.Barikiofork には、以下の機能があります。

• ディスクドライバを列挙する。
• osamu.update.ikwb.com にあるコマンド & コントロール（C&C）サーバーにアクセスする。
• システム情報を盗み出す。
• 後続の更新ファイルをダウンロードして実行する。

今回見つかったスピア型フィッシング攻撃から、攻撃者が高度な知識と組織力を備えていること、特に標的を誘うのにどのようなソーシャルエンジニアリングが最適かという情報の収集に長けていることが、いっそう明らかになりました。

各企業の皆様は、電子メールに関して万全のセキュリティ対策を講じるとともに、パッチ管理についても改めて見直してください。今回悪用された脆弱性に対しては、2011 年にすでにパッチが公開されています。

* 日本語版セキュリティレスポンスブログの RSS フィードを購読するには、http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/jaにアクセスしてください。

A few weeks ago, the Symantec Partner Communication team launched its first ever Google+ Hangout, “Cut the FUD—Debunking Common Misconceptions About Backup Exec” with the Symantec Backup Exec team. The result: an engaging 40-minute discussion for our partners on Backup Exec with in-house experts who dispelled common product-related misunderstandings.

But what are Google+ Hangouts you ask? Hangouts are video chats with up to nine people. They can be a powerful tool for businesses to get “face time” with partners and customers and talk about the issues that matter most to them. They can be prerecorded or live (which was the route we chose to go). For those looking for more specifics on Google+ and how to do a Hangout, check out a recent blog post we did on the subject.

Why did we do a Google+ Hangout? We wanted to create useful video content that our followers can learn from whenever, wherever. The beauty of a Google+ Hangout is that those who couldn’t join us live still have the opportunity to check out the conversation.  

So without further ado, check out the first ever  Symantec Google+ Hangout with the Backup Exec  team “Cut the FUD - Debunking Common Misconceptions About Backup Exec”.

If you’re interested in checking out any of our future Google+ Hangouts—or to suggest future topics you’d like to see us cover, connect with us on Twitter, Facebook or LinkedIn.

See articles in the Symantec social media series for partners.

Adding an additional Client Access Server (CAS) in your Exchange 2007 or Exchange 2010 environment is something that you probably need to do.  The question is what impact does this have on the Enterprise Vault environment?  Sometimes it is quite some time after the initial setup of the environment and how the EV + OWA side of things is long forgotten.  The steps to add an additional CAS are quite simple:

1. Edit the IP restrictions on the EVAnon virtual directory

- Add in the IP address of your new CAS server.

2. Edit the ExchangeServers.txt file

- Add in the IP address of your new CAS server.

3. Install the EV OWA Extensions.

- To add the EV functionality.

And that is it!  It's really that simple.  In the first step you are making the change 'live' to the environment.  In the second step you're making the change future proof.  If you recall you populate the ExchangeServers.txt file with the IP addresses of the CAS's before running the OWAUSER.WSF script.  So by adding the IP address of the new CAS server in to the file now, if you ever re-run the OWAUSER.WSF it will be already up to date, matching your environment.

Many people simply install the OWA extensions.  If you do that then it is likely that people will see EV functionality, and icons and so on, but, when they try to do something with them, they won't work.  This includes retrieval of archived items, which is probably the most common thing.  It will of course only not work for the users who go through the new CAS.

Veritas Storage Foundation and High Availability Solutions (SFHA) 6.0.3 is now available

For AIX , Solaris, Red Hat Enterprise Linux, SUSE Linux and HP-UX

SORT links are below:

Use SORT notifications to receive updates on new patches and documentation.

Cheers

Tony

InfoWorld recently ran an interesting article discussing 5 signs that indicate you might be the victim of an Advanced Persistent Threat (http://images.infoworld.com/d/security/5-signs-youve-been-hit-advanced-persistent-threat-204941?page=0,0&source=rss_security). The signs outlined in the article are good, but I don’t think that the author intended for this to be a comprehensive list.  With that in mind, this blog series takes a look at some of the other signs you might be an APT victim.  Like the InfoWorld article, this series isn’t intended to be comprehensive; rather it will just provide more food for thought in the effort to detect and defend against advanced attackers.
 
Sign 1:  Gaps in System and Security Logs
 
Part of what separates advanced attackers from script kiddies is the effort that goes into concealing the attackers presence and avoiding detection of their activities.  One tool in the advanced attackers toolkit is deletion of log files.  Often, they do not delete the log file in its entirety.  Instead, they may opt to remove log entries created during the times they are active on a system or be extremely surgical and remove the log entries specific to their activities.
 
The simplest way to defend against this type of attack is to write all logs to a separate logging server or better yet, export real time to a managed security service provider or security incident management solution.  This would force the attacker to go after the (hopefully) well defended logging server, MSP, or SEIM in order to attempt log modification.  Symantec’s Managed Security Service and it’s SSIM (or a combination of the two) are an excellent way to defeat this type of attack.
 
Sign 2:  Unexplained Changes in System Configurations
 
This can take on a number of forms including everything from starting/stopping of system services, registry changes, changes in ownership of system files, creation of new local privileged accounts, registry changes, etc.  In some cases, advanced attackers will actually make changes to system configurations that actually IMPROVE system performance and security.  By improving performance, systems may receive less attention from system administrators than they otherwise would, thereby reducing the chances of detecting the presence of an attacker.  Security improvements help attackers ensure that they do not lose control of the system to other attackers.
 
The best approach to defending against this activity is to have formally established secure build standards and to monitor for unauthorized changes to system configurations.  Symantec’s Control Compliance Suite Standards Manager, Critical System Protection, and Endpoint Protection (Behavioral Analysis engine) can all be utilized to layer defenses against this type of attack.
 
Sign 3:  Anomalous Traffic
 
The InfoWorld article touches on this but limits the discussion to unexpected large data flows.  While this is often true in the last phases of APT activity, earlier in the attack, activity is often performed “low and slow” in order to avoid detection.  However, even in low and slow phases, there are opportunities to detect anomalies in network traffic.  There are a few things I would recommend looking for in terms of anomaly detection:
 

Greetings Earthlings (well, most of you at least) After a great engagement in November, the Backup Exec team went back to Reddit for more last week. We lived through our first AMA and came out better people for it. The transcript from that event has been a topic of conversation in Engineering, Product Management and even in some executive leadership meetings.  We wanted to hear more, only this time, we were focusing on virtualization.  Since we wanted to narrow the focus a little bit, this is an AM(Almost)A because we had assembled some key creators of the Backup Exec virtualization strategy.

The event was again a success.  We garnered roughly a 70% approval rating on over 200 votes.  All told, there were over 140 comments including questions, answers and the odd troll.

Our setup for these AMAs is a bit like the South Park writers room.  We gather key players from Engineering, Quality Assurance, Product Management and Marketing.  Our main goal is to provide technical answers to questions and provide best practices advice for folks looking to optimize their environments.  Reddit is not a place to go if you are planning on spouting ad slogans or spin.  Redditors are there for unfiltered exchanges and direct conversation so we have to provide real answers that solve problems.

When a question comes in, it goes up to the room.  Depending on the subject, it can be debated as to what is the best answer, or claimed by someone from the appropriate department.  The meat of the answer is devised, then we crowdsource the language to make sure that we are directly addressing the issue and providing a straightforward answer.  Sometimes the best course of action is to direct the questioner to a tech note or a link, other times, we have to dig deeper into the question.  While it may be frustrating for the questioner, oftentimes, we do need to ask for more information.  Once we know enough about what the user is looking for, we work to give them the best information to solve their issue.

The most important thing for us, as a company is to be truly accessible.  Trolls will come into the AMA and drop clever quips, but sometimes there is a grain of truth in a jab.  When this happens, we have to admit it if there is a weakness.  It is far better to be truthful about something and move on to the next issue rather than try to spin something and ending up sounding like a politician.  We are doing events like AMAs and Google+ Hangouts in order to be straight with our users.  Symantec is made up of creative people who work hard to create solutions that solve problems.  If we weren’t working here, we’d be out there with you facing what you face.  We need to have these kinds of conversations with users who don’t go to VMworld or Vision so we can truly understand how you are using our products.  Just because we build Backup Exec to work a specific way doesn’t mean that a user won’t install it in a way that works differently.  What we learn from you in these events is important and goes into crafting the next version of Backup Exec.

So, with all of that being said, keep an eye out for us here as well as on other platforms like Twitter.  You can find me at @PackMatt73.  Other good sources to follow include @BE_Elias, @BackupExec& @SYMCPartners.  We are making every effort to meet you where you prefer to go.  Hit us up.  If we aren’t spending time in an area where there are a lot of you, let us know!  I love a good party.  Invite me to yours!

To put it mildly, the Altiris SMP 7.1 MP1's DS suite is not looking good. And if you have a working DS 6.x, do not migrate to DS 7.x!

Especially if you came from a previous DS 6.x back ground. The pxe now named SBS is flakier than the combo's at Long John Silvers, and the UI design is as simple as solving the Super Strings theory.

So the facts:

PXE works, but it does strange stuff at times and the only way to resume functions when a machine refused to function within PXE is to Stop all SBS services and clear out the Task Handler folder.

PC join domain, naming. Mother of all nightmares. How this could be such a complicated set of dance moves is shocking. This is an Enterprise product?

PC cant be re-named in WinPE, so the randomized name gets used as the PC name after the jobs at times. 

Here is to a good productive day on resolving the PC join domain after imaging issues. But it's future is bleak based on what we are seeing now.

A small compilation from the Symantec Portfolio including Data Sheets of several Symantec Security Products.

- Symantec™ Endpoint Protection 12.1.2 (10/12)
http://www.symantec.com/endpoint-protection/data-s...

- Symantec Endpoint Protection Small Business Edition 2013 (11/12)
http://www.symantec.com/endpoint-protection-small-...

- Symantec™ Protection Suite Enterprise Edition - Comprehensive, powerful endpoint, messaging, and Web protection, for less
money (06/11)
http://www.symantec.com/protection-suite-enterpris...

- Symantec™ Protection Suite Small Business  - Fastest, most effective security and recovery priced for small business (06/11)
http://www.symantec.com/protection-suite-small-bus...

- Symantec O3™ - A New Control Point for the Cloud (02/12)
http://www.symantec.com/symantec-o3/data-sheets-wh...

- Symantec™ Mobile Security - Advanced threat protection for mobile devices (07/12)
http://www.symantec.com/mobile-security/data-sheet...

- Symantec™ Endpoint Protection for Windows® XP Embedded 5.1 - Protection for Windows XP Embedded and Windows® Embedded for Point of Service (WEPOS) platforms (10/07)
http://www.symantec.com/endpoint-protection-for-wi...

- Symantec MessageLabs Email AntiSpam.cloud
http://www.symantec.com/email-security-cloud/data-...

- Symantec MessageLabs Instant Messaging Security.cloud
http://www.symantec.com/critical-system-protection...

- Symantec Protection Engine for Cloud Services
http://www.symantec.com/protection-engine-for-clou...

- Symantec Protection Engine for Network Attached Storage
http://www.symantec.com/protection-engine-network-...

- Symantec Critical System Protection
http://www.symantec.com/critical-system-protection...

- Symantec Critical System Protection Monitoring Edition
http://www.symantec.com/critical-system-protection...

- Symantec Messaging Gateway powered by Brightmail
http://www.symantec.com/messaging-gateway/data-she...

- Symantec Messaging Gateway Small Business Edition powered by Brightmail
http://www.symantec.com/messaging-gateway-small-bu...

The Ghost Solution Suite 2.5.1 support matrix for Windows 8 is now published on the Symantec support site.

Please access the following URL for details:
http://www.symantec.com/docs/DOC6337

Symantec Managed Services for NetBackup and Enterprise Vault provide comprehensive 24x7 monitoring, management and support for your customer’s environment under strict SLAs. You can provide total customer solutions by leveraging these managed services and upselling to your NetBackup and Enterprise Vault customers.

With managed services in your account, Symantec handles all the aspects of day-to-day operational management, so you're free from managing customer support issues. Symantec Managed Services is proven to improve customer satisfaction through increased operational efficiencies and faster realization of Symantec investments. And a happy customer means more business for you.

Symantec Managed Services for NetBackup and Enterprise Vault is now a part the Opportunity Registration program in North America. Attend this webcast to learn more about how these managed services can help you drive more business and keep your customers happy.

Symantec Managed Services–NetBackup and Enterprise Vault
Friday, February 8
2:00 p.m.–3:00 p.m. EST

Register today.

 SORT functionality is now available as a mobile application on the Apple App Store!

The SORT mobile app supports five key features from the SORT website:

• SPVU Calculator (includes Server Tier mapping)
• Error Code Lookup
• Patch Lookup
• Installation and Upgrade Checklist (Storage Foundation and NetBackup)
• News and Alerts (Storage Foundation and NetBackup)

Go to http://sort.symantec.com/mobile to get more information and to download the app to your iPhone or iPad.

Be sure to mention the availability of this app to your coworkers!

Channel Partners are always looking for new ways to differentiate their business so that they can offer the highest value to their customer base by providing best-in-class security solutions. Alignment with the right channel vendor(s) is crucial for partners to stay ahead of the market and evolve their businesses over time to solve business challenges.

Enter Symantec.  Symantec Website Security Solutions delivers industry-leading SSL, a world-class partner program, and compelling enablement that empowers partners with a more efficient time to market offering a profitable robust portfolio providing a right-sized solution for every client’s website security need and market level in today's dynamic threat landscape.

Today, Symantec announced Website Security Partner Program enhancements that will empower partners with the highest value in enablement and sales opportunities:

• Website Security Specialization (see Specialization Tab) – Differentiating partners’ business and positioning through training, API integration, and focus on Symantec branded solutions. When partners secure Specialist Partner status, they will be showcased a preferred partners with unique expertise.
• Website Security Training and Accreditation– Partners can gain a competitive edge, close more business, and enable smoother solution deployments with Symantec Website Security Accreditation.
• Road to Profitability Quick Start Program– Platform for new and current partners to access for important resources and tools for partner success in ramping their website security and SSL sales.

To get more information on the enhanced Website Security Partner Program, download the brochure on the Road to Profitability in the Welcome Module.

Lastly, we are broadening our website security solutions portfolio with the new GeoTrust Enterprise Security Center. This subscription-based solution that will provide partners with new selling opportunities and deliver multi-certificate management in the enterprise to end customers.

Symantec is relentless is providing our valued partners strong programs and compelling new business opportunities to support partner success. Check back for more tools and information on the Road to Profitability. Email additional questions to channel-partners@symantec.com.

Channel Partners are always looking for new ways to differentiate their business so that they can offer the highest value to their customer base by providing best-in-class security solutions. Alignment with the right channel vendor(s) is crucial for partners to stay ahead of the market and evolve their businesses over time to solve business challenges.

Enter Symantec.  Symantec Website Security Solutions delivers industry-leading SSL, a world-class partner program, and compelling enablement that empowers partners with a more efficient time to market offering a profitable robust portfolio providing a right-sized solution for every client’s website security need and market level in today's dynamic threat landscape.

Today, Symantec announced Website Security Partner Program enhancements that will empower partners with the highest value in enablement and sales opportunities:

• Website Security Specialization (see Specialization Tab) – Differentiating partners’ business and positioning through training, API integration, and focus on Symantec branded solutions. When partners secure Specialist Partner status, they will be showcased a preferred partners with unique expertise.
• Website Security Training and Accreditation– Partners can gain a competitive edge, close more business, and enable smoother solution deployments with Symantec Website Security Accreditation.
• Road to Profitability Quick Start Program– Platform for new and current partners to access for important resources and tools for partner success in ramping their website security and SSL sales.

To get more information on the enhanced Website Security Partner Program, download the brochure on the Road to Profitability in the Welcome Module.

Lastly, we are broadening our website security solutions portfolio with the new GeoTrust Enterprise Security Center. This subscription-based solution that will provide partners with new selling opportunities and deliver multi-certificate management in the enterprise to end customers.

Symantec is relentless is providing our valued partners strong programs and compelling new business opportunities to support partner success. Check back for more tools and information on the Road to Profitability.  Email additional questions to channel-partners@symantec.com.

Thanks to everyone who attended today’s webcast based on a popular Connect article called "How to Set Up a Backend Failover Solution" for Workspace Streaming.

Special thanks to Ganesh Balasubramanian for his great presentation!

Play or download the Webcast recording here:
https://symantec.webex.com/symantec/lsr.php?AT=pb&SP=EC&rID=57527887&rKey=a62a428db9f21011

Slides from today's Webcast are attached to this blog post.

Links you may find useful:

Download Trialware for SWV or SWS

• http://www.symantec.com/workspace-virtualization/trialware
• http://www.symantec.com/workspace-streaming/trialware
   

Interested in participating in the SWV/SWS 7.5 Beta? Apply here:

• https://symbeta.symantec.com/callout/?callid=DADBB48E770140B1ADE4A3DDE0356A67

To download or listen to previous webcasts, go here:
https://www-secure.symantec.com/connect/articles/symantec-endpoint-virtualization-groups-favorite-webcasts-and-podcasts

fren·e·my [fren-uh-mee] noun. Someone who is both friend and enemy, a relationship that is both mutually beneficial or dependent while being competitive, fraught with risk.

When it comes to taking your intellectual property (IP), employees are the less obvious player but they can be frenemy #1. In many cases, these trusted employees are moving, sharing and exposing sensitive data in order to do their daily jobs. In other instances, they are deliberately taking confidential information to use at their next employer. It’s not that these employees are inherently malicious – often they just don’t know it is wrong to do so.

According to a new Symantec survey examining employee behavior and attitudes around IP theft, this is happening more than we’d like to think. Half of employees admit to taking corporate data when they leave a job, and 40 percent say they plan to use the data in their new job. This means valuable intelligence is falling into the hands of competitors. Ultimately, this puts everyone at risk – the employee who takes the IP, the organization that invested in it and the new employer who unwittingly receives it. Everyone can be held accountable, and no one wins.

What’s startling is the sheer number of employees who don’t think taking corporate data is wrong. Sixty-two percent of employees think it’s acceptable to transfer corporate data to their personal computers, tablets, smartphones and cloud file-sharing apps. And once the data is there, it stays there – most employees never delete it.

Employees don’t think twice about taking corporate data because they don’t see the harm – 56 percent don’t think it’s a crime to use trade secrets taken from a previous employer. Underlying this belief is a lack of understanding who owns the IP. The survey shows that employees attribute ownership of IP to the person who created it.

Companies are failing to train people in what belongs to the employee and what belongs to the company, and they are not creating an environment that promotes employees’ responsibility and accountability in safeguarding business information. Additionally, they are not educating employees that using a former employers’ confidential data puts the current employer at risk.

What can businesses do to reduce the risk of insider IP theft? Symantec has created three key recommendations based on the survey results:

• Employee education: Organizations need to let their employees know that taking confidential information is wrong. IP theft awareness should be integral to security awareness training.
• Enforce non-disclosure agreements (NDAs): Include stronger, more specific language in employment agreements and ensure exit interviews include conversations focused around employees’ continued responsibility to protect confidential information and return all company information and property (wherever it is stored). Make sure employees are aware that policy violations will be enforced and that theft of company information will have negative consequences to them and their future employer.
• Monitoring technology: Implement data loss prevention software that monitors inappropriate access and use of IP and automatically notifies managers and employees in real time when sensitive information is inappropriately sent, copied, or otherwise exposed, which increases security awareness and deters theft.

As for safeguarding valuable IP, companies cannot focus their defenses solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain. The everyday employee can be just as damaging to an organization. The lesson from this survey is clear: keep your enemies close and your frenemies closer.

For more information, we invite you to read the complete report What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, available for download at: http://bit.ly/XFjYwQ.

Fixed a few things yesterday if you are keeping up with this still. The PXE/WinPE loading issue is working for now. but our cases with Symantec is stacking up.

There are 5 open cases which all seemed to be shuffled around from technician to technicians. When I get time I will be calling the duty manager to escalate them to the DS team as they are almost all DS related.

So the new issues:

Some machines does not always boot in to WinPE. They just wont do it even with a SBS rebuild and only on some jobs. Unfortunately this happened to one of my image machines. It imaged fine on Child Server 1's Site server 1. But will not boot in to PXE on Child server 2's Site server 2.

When an image is captured. Which means we had to force the machine to shutdown after the Syprep. They delete the image capture job and apply a Image capture task. Well now the Image Deploy job will not allow us to populate the Serial # after selecting the image. Look at the red arrows in the picture.

The NS side is smooth. Managed software is working perfect, Patch and inventory is awesome and easy. But the DS is causing more work stoppages than the Hostess teamsters.

Next time, hopefully we can move forward to build our environment with less issues.

User Facing: Desktop

• Added the ability for users to attach files to private messages.
• Added the ability for users to adjust their private message notification settings in their user profile.
• Made two changes to the behavior of "featured" items in forums. 1) Forums are now limited to a maximum of 5 featured items. 2) Featured lists can now be hidden by the user.
• Fixed an issue with the tabbed interface on Community overview pages, blog overview pages, and user profile pages.
• Fixed an issue with Twitter feeds not displaying on their associated blogs.
• Modified the Company Information form on user profiles to require a choice -- instead of accepting the default.
• Fixed an issue with Akamai caches not being automatically flushed after a post was updated.
• Fixed an issue with RSS feeds designed to pull user content into PartnerNet. The feed was failing when the user did not have a valid Connect account.

User Facing: Mobile

• Made modifications to the Mobile theme based on feedback from Symantec's design/branding team.

Admin Facing

• Added code that Community Managers can use to export Idea submissions to a .csv file that can be opened in the spreadsheet tool of their choice for easier vetting and presenting to management.

Sometimes, serendipity happens.

Here at Website Security Solutions, we're constantly striving to educate people on how important SSL Certificates are to the Internet. The Norton Secured Seal represents trust on the internet; a sure mark that the website where it is displayed represents a site that can be trusted to conduct business transactions.  We try to educate consumers about how to shop safely, and conduct their business online with a minimum of risk; because it's a world full of internet predators out there trying to steal people's money, their data, and their very identity.

Consumer education is one of the most important things we can do in the Security industry. We have to teach people what to look for, how to surf safely, and how to protect themselves. And all the focus group results we show will always appear just a little biased to people who don't understand surveys and data, because they'll always believe that since Symantec paid for them to be done, the results skewed our way. So when an independent organization working with a third party survey gets results that favor us, then post it to the internet, all we can do is dance for joy. And I'm dancing today, because Google and the Baymard Institute have done just that: http://baymard.com/blog/site-seal-trust.

Now this doesn't mean our work is done. According to this survey, almost half of the people didn't know enough to make a decision about which mark was the most trustworthy, and that means that our job to get customers educated is incomplete. More people should know what it means to see a trust mark on a website, and know what they're looking at when they click on it. More people should know that the green bar or tab in their browser means they're on a site that's been through some intensive validation as an organization, and that they are who they say they are. And we're going to keep working on that.

With that said, having an external site point out that the Norton Secured Seal *is* the most recognized trust mark on the internet for e-commerce is a big deal. And I hope it's reassuring to all the businesses that choose to buy from Symantec. It means that at least half of their customers understand and appreciate the security of choosing HTTPS, and that they chose Symantec: The first commercial Certificate Authority, and the most recognized name in website safety.