With so much focus on security as all things cloud computing continue to rise, Symantec just rolled out a new cloud information protection platform and a roadmap for its services. Symantec also partnered with
.com on cloud security.
Dubbed O3 Cloud Identity and Access Control, Symantec's security software offers three layers of protection for the cloud: access control, information security and information management. Companies that deploy O3 get a single, secure access point to cloud apps and services.
According to a recent Symantec survey, 44 percent of CEOs said they were cautious about moving business-critical applications to the cloud, with 76 percent citing security as a main concern. O3 hopes to help CEOs and CIOs overcome those concerns with a security solution built to protect business-critical apps.
No Federation Protocols Needed
"Symantec O3 is a new security control point for the cloud that allows IT departments to embrace cloud services without relinquishing control by applying their own policies into the cloud information stream," explained Sergi Isasi, senior product manager at Symantec. "Symantec O3 will also increase convenience for end users by enabling employees to leverage the applications, services, Single Sign On and mobile devices they prefer across any Web application."
As Isasi mentioned, Symantec O3 Cloud Identity and Access Control offers Single Sign On across any Web application -- even the ones that don't support federation protocols. The security software taps into an enterprise's existing identity infrastructure for authentication while allowing context-based authorization, password management and federation services.
O3 Cloud Identity and Access Control also comes pre-integrated with Symantec Validation and ID Protection Service so large enterprises can use existing VPN credentials to strengthen access to any cloud application. Symantec may get some fast traction with its partnership with Symantec to deliver O3 for Salesforce, which is built on Force.com, Salesforce.com's social-enterprise platform.
When it hits the market, Symantec O3 for Salesforce will let Salesforce.com customers use their Salesforce identity to securely access all of their cloud services. O3 for Salesforce will also make possible two-factor authentication for Salesforce and other cloud applications.
The O3 Roadmap
"Security is consistently identified by enterprises as the top inhibitor to the adoption of cloud computing," said Neil MacDonald, vice president and fellow at Gartner. "Since we don't own or control the infrastructure that cloud-based services are delivered from, there is an increasing need to inject security policy such as identity mapping, encryption and access control between users and the cloud-based services they are consuming."
What's next for 03? Symantec announced plans to deliver cloud information security by leveraging Symantec's leading DLP and PGP encryption technologies to automatically detect, block and encrypt confidential information before it's stored or shared in the cloud. The third layer of Symantec O3 promises information management and compliance by aggregating all cloud-related security events, providing the foundation for comprehensive cloud audit, forensics and compliance.