Unified Identity by Symantec
At Symantec we thrive protecting people's and organization's life. Symantec’s Job is “easy”:
“prevent bad guys to get in, and prevent good stuff to get out”
We believe Identity is one of the most precious things we have to secure, especially in digital life. Identity is becoming the center of almost all our activities (personal and professional, social, home automation, vehicle, healthcare, interaction with governments, …)
Identity is foundational and strategic to Symantec. I believe Symantec can play an even bigger role on Identity, leveraging its reputation and trust. Not many people is aware of the number of millions of identities we manage at Symantec. Billions of device identities, hundreds of millions of user identities. And more to come...
We need to excel in Identity since “Identity is the Ultimate boundary of protection and security” due to shifting paradigms: Cloud, Mobility & BYOD, BYOid, Internet of Things… are creating a perfect storm. Traditional approach is losing ground quite rapidly since traditional boundaries are vanishing… data is already out there!
As Nico Popp correctly identified, CIO/CISO's job is changing too. They will not own nor manage the Infrastructure anymore (AWS, Azure, RackSpace,…), they won’t own nor manage their applications anymore (SalesForce, Box, Office 365, …), they won’t own the endpoints either since Bring Your Own Device allowance is growing fast. So, …
What do companies have left to own and manage? Identity and Data. Nothing more, nothing less.
We believe Identity is key to identify who (user / device) is doing evil or wrong, and take immediate and laser focus actions, with “Intelligence” leveraging Identity, Risk Based Policies, our and DLP. That is true Information Protection.
Identity is an Enabler. Nothing makes sense without Identity. And it's key to our Telemetry initiative, because it requires Unified Identity to be able to correlate all different events related to a user, to a device or to an entity, providing Context and Content Awareness.
Additionally, the world is moving in a password-less direction. It is only natural that Symantec as the biggest security company leads this destiny. The “kill the password” idea is the basis to several Symantec products and even describes the core of the Identity group for the past years.
Executing on a Unified Identity, we get several benefits:
- Greater Security
- Greater Internal efficiency (reduced costs and productivity boost)
- Richer features and improved user experience
- Increased Intelligence and context awareness
- Shorter time to Detection and Remediation (Risk Based Security)
We believe Identity must be Standards-based. Solutions should be simple, scalable and based on approved standards. (SAML, OpenID Connect, OAuth, …), that enable consistent identification across platforms, environments and software vendors.
To help drive the long term goals, this synchronized Identity should evolve into more value added solution, such as maintaining an at-risk users analytics, or showcasing behavior anomalies of users altogether, leveraging and unifying identity telemetry generated by applications, to prevent a security hole before it can ever manifest.
The way we envision Identity is based on three main pillars or components:
- Authentication Services
- Identity Gateway
- Directory of Everything
Point of Arrival: One Center of Excellence. One Shared Identity Platform. Just Once.
