Symantec Will Centralize Encryption with Acquisitions
Symantec said Thursday it will pay $370 million in cash to acquire encryption technology providers PGP and GuardianEdge Technologies, with the deals expected to close during the company's June quarter. Symantec sees its acquisition of standards-based encryption capabilities from the two firms as a natural extension of its strategy for securing and managing information on any device — across both the enterprise and consumer segments as well as in the cloud, said Symantec CEO Enrique Salem.
"With PGP and GuardianEdge's encryption solutions for full-disk, removable media, e-mail, file, folder and smartphones, Symantec will have the broadest set of integrated data-protection capabilities," Salem said. "We will be able to address the encryption needs of all customer segments from the largest enterprises and governments to small businesses and individuals."
Together, PGP and GuardianEdge are expected to significantly expand the addressable security market that Symantec can serve, Salem told investors during a Thursday conference call. "State and national governments are enacting more stringent mandates, driving the need to encrypt sensitive information and protect an individual's privacy," Salem said. "Also, the increased costs and frequency of data breaches are driving the adoption of encryption as companies strive to mitigate risk and protect their critical information from cybercriminals."
Symantec said PGP's key management platform and product portfolio of hard disk, file, folder, e-mail and mobile and removable media encryption will be integrated into the Symantec Protection Center to further enhance the management of endpoint security, data loss prevention and gateway security products. "PGP has more than 110,000 enterprise customers and more than one million SMB and individual customers worldwide," Salem said.
Forrester Research Vice President Jonathan Penn said the PGP acquisition was quite a surprise, and a pleasant one since PGP offers unique value to Symantec.
"They will have to support PGP encryption in e-mail and on the desktop, given the technology's established and loyal customer base," Penn said. "But with PGP, they're also likely looking at extending that encryption platform beyond e-mail, files and SharePoint" into "other places where Symantec plays: Databases, backup, archiving and storage management." And there are "some interesting possibilities in offering encryption to consumers as well," he added.
A Transformational Component
The addition of PGP's key management is the transformational component that can provide Symantec with a competitive advantage, noted IDC Research Vice President Charles Kolodgy. "They can build a full enterprise key management system that will tie together GuardianEdge FDE, PGP file/folder and e-mail encryption, and NetBackup encryption," he said.
Kolodgy noted that 52 percent of the respondents to an IDC survey said in 2007 that their organizations would be more inclined to deploy multiple encryption solutions if all components could be managed.
"The use of central, manageable key management has been what many people are looking for because they do not like all of the different encryption key silos," Kolodgy said. Furthermore, PGP's earlier purchase of TC TrustCenter and ChosenSecurity provides Symantec "with the tools required to provide a platform for managing trusted identities used for encryption, authentication and secure collaboration," Kolodgy added.
The GuardianEdge acquisition is expected to strengthen Symantec's efforts to serve U.S. government agencies — especially those which are seeking to conduct business with fewer vendors. Symantec had "an established partnership" with GuardianEdge, and has "followed up on its modus operandi here of partnering before acquiring," Penn said.
"GuardianEdge brings a set of encryption applications that are desktop oriented," Penn added. Symantec's plan for GuardianEdge "would likely be deeper integration into Symantec Endpoint Protection" (SEP) and "I'm sure Symantec will take a good look at PGP's endpoint solution and migrate functionality" to SEP "as well," he said.
This article is brought to you by Alinas Guide.