Cyber security powerhouse Symantec Corp. plans to release a new product within the next 12 months that it believes will deliver the necessary identity management and information protections that many federal agencies are looking for before they make the leap to cloud computing, a senior Symantec official said.
Many federal enterprises, particularly those in the defense, intelligence and homeland security arenas, have been slow to move to cloud-based services because of the security concerns that arise from moving an organization’s servers, software and data into a shared cloud environment. But with its new O3 (a.k.a. Ozone) product, which will combine identity management with policy controls, information inspection and encryption, Symantec officials believe they have the answer that the government has been looking for.
“We see O3 as a new identity and information-centric security layer for the cloud,” said Rob Koeten, Senior Technical Director at Symantec and the chief architect behind Symantec’s O3 concept, which is detailed in an Breaking Gov video.
There are two basic components to Symantec O3 that will provide assurance and security for any user to use any device to access any software service or Web application.
The first of these components is called the Intelligence Center, which acts as the central control point for policy administration. The second component is the O3 Gateway, which enables IT departments to assign a single identity to each employee, determines what information those employees are authorized to access and inspects data moving into and out of the cloud for the purpose of either blocking its transmission or encrypting it.
“So instead of integrating all of these stacks, the IT department in essence builds their own catalog of services and then associates policies with those services,” said Koeten.
A major component of the O3 Gateway is data loss prevention (DLP) technology that Symantec acquired in 2007 when it purchased DLP software developer Vontu. The O3 Gateway will inspect the data accessed by a user to determine if it contains sensitive or propriety information, and then determine based on the policies in place if it should block the data from going to specific software services, such as a Gmail account, or encrypt the data before transmission.
Combining these Gateway controls and policy enforcement with identity management is a critical step in securing a cloud-based enterprise.
The reason for this, according to Koeten, is that the drive toward cloud computing is being fueled by the consumerization of IT – tech savvy users who want to use their own mobile devices and software services to get their jobs done faster and more efficiently – and the push by enterprises to reap the cost savings and manpower benefits of virtualization.
“It’s all about flexibility and efficiency, said Joe Pasqua , Vice President of Research at Symantec Research Labs. “But one of the fundamental things about O3 is that we’re trying to move to a model where you can be flexible and efficient and secure.”