Symantec Information Foundation 2007 is the new, integrated information security and archiving suite that provides a common framework for consistently enforcing content control policies across the enterprise, from e-mail gateway security to archiving.  With Symantec Information Foundation, IT professionals can help proactively prevent the risk of data loss and policy violations, while rapidly and cost-effectively responding to electronic discovery (E-Discovery) requests.

Symantec Information Foundation offers the following differentiating capabilities:

Consistent content controls with automatic classification and policy enforcement for effective risk management - As information flows across the network gateway, internal servers, and enterprise archive, Symantec Information Foundation consistently captures, scans, and classifies content based on risk and business value.

Integrated incident management and remediation for ensuring risk management compliance - As policy violations such as confidential information loss, customer data disclosure, and regulatory compliance breaches are detected, incidents are automatically created and escalated for review and action.

Centralized archiving, audit, and discovery - Data flagged as suspicious or violating policy can be proactively retained as evidence for future discovery and investigation.

Symantec Information Foundation is targeted to help organizations protect themselves against risks across the wide range of e-mail, instant messaging, Web communications, file sharing, and other information systems within the enterprise.

What are the key features and benefits of the IF 2007 suite?

Symantec Information Foundation includes the following market-leading technologies: Symantec Enterprise Vault, Symantec Enterprise Vault Discovery Accelerator, Symantec Enterprise Vault Compliance Accelerator, Symantec Mail Security 8300 Series, Symantec IM Manager, Symantec Information Foundation Mail Security for Exchange, Symantec Mail Security for Domino, and Symantec Web Security for Microsoft Internet Security and Acceleration Server (ISA).

Built on Symantec's antivirus, anti-spam, content filtering, archiving, retention, E-Discovery, and policy management technologies, Symantec Information Foundation provides integrated protection for information contained in enterprise e- mail, instant messaging, Web communications, portals, file sharing, and other enterprise information systems. 

In addition, Symantec Information Foundation simplifies administration by consolidating a single platform from a single vendor, which enables IT organizations to reduce their ongoing management and maintenance costs while effectively managing risk through a common policy framework. 

The Symantec Information Foundation Mail Security 6.0 for Exchange which is currently a beta version is said to be a key component in the Symantec Information Foundation suite. How does it fit into the whole IF 2007 suite and strategy?

Symantec Information Foundation Mail Security 6.0 for Exchange is a key component of the Information Foundation Suite. With Microsoft Exchange 2007 enjoying a major market share with most enterprises, securing Microsoft Exchange is crucial for us.

All systems that are used to exchange and store information within an organization are vulnerable to an increasing range of security, compliance and legal risks. The Symantec Information Foundation Mail Security software aims to reduce risks to information flowing internally as well as in and out of the enterprise via Microsoft Exchange servers, including Microsoft Exchange 2007.

The name ‘Information Foundation' is very interesting - is there a back-story to it?

Symantec's security 2.0 story consists of three main components for protecting an organization. The bottom layer is Security Foundation, which protects the systems and the applications of the enterprise. The middle layer is Information Foundation positioned around Information Risk Management, which protects the information and content within an organization. The top layer is Security Management, which provides the auditing and reporting for an organization's environment to ensure IT Policy Compliance.

How does IF 2007 fit in with Symantec's business strategy in the Asia Pacific region in 2007?

Over the past year we have seen tremendous interest by the market and our customers in adopting and utilizing our products and solutions for managing their messaging systems.

Messaging management too has changed and evolved into a broader category of Information Risk Management (IRM). While optimizing and reducing the cost of ownership associated with enterprise messaging systems is still very important, we are now embracing IRM as an opportunity to help our customers protect themselves from the increasing number of risks associated with information systems within their organizations, including information from email, IM, web, portals, file systems, and other sources, all from a single vendor.

In the Asia Pacific, what kind of channel model does the IF 2007 use? How does this new suite fit in with Symantec's overall channel strategy for 2007 (for e.g. does it call for any changes/modifications in the channel plan)?

Symantec is a channel-centric company and we've enabled a broad network of local and regional partners that cater to enterprises, SMBs, and consumers.

We recently launched a new worldwide partner program and partner portal, PartnerNet. Symantec has committed a five-fold increase in its partner-focused technology infrastructure investment. These additional investments are designed to expand the capabilities of our PartnerNet online portal, to support our growing base of more than 60,000 partners around the world.  PartnerNet is available in 12 Languages 24x7x365. Additionally, partners can access tools and resources specific to Partner type, level and country

What do you think IF 2007 means for Symantec's channel partners in the region?

We've strengthened our relationships with our partners through the Symantec Sales Expert training program. New training modules and assessments are available to partners on a quarterly basis via PartnerNet, offering added market credibility and recognition to help our partners realize more revenue opportunities. This program will provide them with the resources to deliver value, meet their customer's needs, and to expand their portfolio of market leading solutions.

Symantec's channels strategy delivers branded security and availability solutions that are designed specifically to meet the needs of this channel and offer targeted products, cost-effective packaging, market-sensitive pricing, and training and support required for partner success.

With the launch of this new product suite, is Symantec looking for new partners in the region?
If yes, which types, where and why?

Symantec values all of our partners as an important part of our business. As part of our Global Partner Program, we have on-going programs to enable our partners' world wide and Symantec will remain committed to invest in its partner community. Our goal is to grow our channel business and continue to earn the loyalty of partners who share our vision.

In your opinion, what is the biggest source/cause of data leakage and data security issues in enterprises?

Data leakage is increasingly becoming a key concern for companies, involving the discovery of stolen information and unauthorized removal of organization's data that could result in multi-million dollars loss. Weak security systems and the absence of standard operating procedure policies also contribute to data leakage, making it easier for the criminals to access a company's confidential data for financial gain.

In a recently released the Symantec IT Risk Management Report*,  58 percent of respondents expect a major data loss caused by events such as data center outage, corruption of data, or breach of security systems, at least once every five years. For example, in the case of Singapore, the nation is increasingly becoming reliant on Infocomm technology. We cannot be complacent and believe we are safe because there is no doubt that the rising number of cyber attacks threatens our Infocomm environment. Inaction is not an option, organizations need to act decisively and swiftly through a concerted and collaborative effort to boost defences and prepare ourselves to counter those threats.

* The recently released Symantec IT Risk Management Report aimed at helping executives and IT operational personnel understand the critical elements involved in an effective IT risk management strategy, is based on input from quantitative and qualitative survey research collected from more than 500 respondents from IT managers to top IT executives in organizations with worldwide operations (including APJ), in a wide representation of industry segments.

What are the current risks associated with the information system (from the gateway to the archive)? Do you think businesses in Asia understand these risks (of data loss and policy variations) and are equipped to deal with them?

Most organizations have basic security at the gateway but these are often not comprehensive enough to address data leakage/information risk management. Data security solutions are important, but they do not address the risks involved. With 75% of a typical company's intellectual property contained in email, having content control will prevent good and sensitive information from being sent outside of the organization accidentally or with ill intent, thus managing the risk involved.

Having said that, if an organisation keeps all electronic communication for the last 6 years without proper processes in place, it will cost an organization a lot of time, money and resources to discover the relevant information should they be involved in litigation. With 80% of all organisations today accepting email as written confirmation of transactions and 75% of all Fortune 500 company litigation involving the discovery of email communication, it may not be acceptable in courts if the time required to discover the information far exceeds the allocated time for discovery.

Archiving via proper technology such as Enterprise Vault Journaling with Discovery Acceleratory of all electronic communication will enable the discovery of such sensitive information when required.   This will also allow proper cases to be established included reviewing emails with audit trails.  An external auditor can also be given permission to review the information.

Initially Asia was lagging behind North America and Europe in terms of deploying such technology but they're catching up as regulations such as JSOX are currently in place. Corporate litigation and transacting with businesses globally are beginning to help Asian companies better understand the risks involved. We are beginning to see an upsurge of requirements from Asian company's for such technologies to be in place.

What are the current trends and challenges in data and information management? How can these challenges be overcome? Can these best practices be applied to businesses of all sizes?

Email today is still a primary communications tool for companies and government agencies around the world. However, businesses are extending beyond email to embrace real-time communications tools like Instant Messaging (IM), Peer-to-Peer (P2P), Voice over IP (VoIP), SharePoint, blogs and wikis to improve collaboration and reduce decision-making time.

An average employee may receive approximately 50 emails in a given day. When multiplied by 50,000 employees in the company, that's 2.5 million emails coming into the organization's network every day, and 912.5 million every year.  And many companies - such as financial institutions - are required to retain emails for 20 years or more.  With the addition of Instant Messaging (IM) and VoIP, information protection and management becomes even more imperative.

The main challenges faced are:

Cost - Hardware and software costs keep dropping, but the operational costs to manage IT have continued to increase.  At the same time, the volume of data is exploding.  IT departments have to secure information, ensure its availability, and optimize its performance-with less money, fewer people, and fewer resources.

Complexity - Today's operating environments are made of multiple operating systems, architectures, platforms, and applications.  This heterogeneous environment ensures more complexity, not less.

Compliance - Compliance wields considerable influence on IT investment decisions.  Organizations cannot avoid bumping up against some new rule or regulation and its information-related requirements-whether it's record retention, discovery and retrieval, auditable processes, or security breach disclosure.

Some best practices all businesses should adopt include:

• Employ defense-in-depth strategies, which emphasize multiple, overlapping, and mutually supportive defensive systems to guard against single-point failures in any specific technology or protection method. This should include the deployment of regularly updated antivirus, firewalls, intrusion detection, and intrusion protection systems on client systems.
• Turn off and remove services that are not needed.
• If malicious code or some other threat exploits one or more network services, disable or block access to those services until a patch is applied.
• Always keep patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
• Consider implementing network compliance solutions that will help keep infected mobile users out of the network (and clean them up before entering).
• Enforce an effective password policy.
• Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses, such as .VBS, .BAT, .EXE, .PIF, and .SCR files.
• Isolate infected computers quickly to prevent the risk of further infection within the organization. Perform a forensic analysis and restore the computers using trusted media.
• Train employees to not open attachments unless they are expected and come from a known and trusted source, and to not execute software that is downloaded from the Internet unless it has been scanned for viruses.
• Ensure that emergency response procedures are in place. This includes having a backup-and-restore solution in place in order to restore lost or compromised data in the event of successful attack or catastrophic data loss.
• Educate management on security budgeting needs.
• Test security to ensure that adequate controls are in place.
• Both spyware and adware can be automatically installed on computers along with file-sharing programs, free downloads, and freeware and shareware versions of software, or by clicking on links and/or attachments in email messages, or via instant messaging clients. Ensure that only applications approved by the organization are deployed on the desktop. ◊

By Shanti Anne Morais