Security & Conflict of interest

While many of us excitedly followed the news about Microsoft taking over LinkedIn for some $26.2 bn deal.
 
The other acquisition which got security folks attention was Symantec bought Blue Coat in U$ 4.6 bn deal.
 
Before I point why this deal is interesting from security point of view, let me highlight what these companies do from security standpoint of view.
 
Both companies are  involved in cyber security services however both have their own niche , specialised areas of coverage. That’s also the reason the merger is exciting and beneficial.
 
Symantec is known to provides certificate related services , so that the communication between the Client (user) and Server is secure and protected.
 
Blue Coat on the other hand provide advanced web security solutions for global enterprises and governments. Protect enterprises and their users from cyber threats – whether they are on the network, on the web, in the cloud or mobile.
 
So what’s the interesting part here:
 
Many security practitioners believe that this acquisition provides Symantec a privilege of end to end visibility over the entire systems chain. One guy even went ahead to comment that many Government organisation may line up to their office to obtain espionage services.
 
To provide an analogy –if you have a multi storey office – Symantec provides the initial security check services to enter the building and you carry their visitor pass all the time. People who see you inside the building with pass trust that you are okay to be there, but as a visitor there is considerable space/rooms which are off-limit to vistor. To enter these areas you need a separate set of privileges which are managed by different security vendor. However through the above Corporate merger now we find that quite number of clients would face higher skewed vendor risk, as post acquisition Symantec may end up providing security services all the way from entering the building to the bullion vault.
 
Enterprises take security services and there is a considerable level of trust as an intangible component of it. However by having multiple layer of security, supported by different vendors, enterprise lower over-reliance on trust factor. But post this  acquisition many mature customers may have to  rethink about conflict of interest here, which also depends on the secret and sensitivity of the information being secured.
 
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s