Symantec reviews security

Symantec’s managed security services (MSS) set-up has been verified by a third party in a bid to build trust among clients.

  • E-Mail
By  Simon Duddy Published  March 28, 2005

Symantec announced it has obtained its second annual Statement of Auditing Standard No. 70 (SAS 70) examination report for its managed security services (MSS) security operations center (SOC) in Alexandria, VA. This report is designed to validate Symantec’s 24x7x365 security monitoring, management and response service for its enterprise customers. The objective of the SAS 70 review is to provide Symantec's Board and Symantec's MSS customers with an independent examination of the applicable internal controls placed into effect in Symantec's global network of SOCs administered in Alexandria, VA. “Companies looking to outsource the management of their critical infrastructure should require third-party reviews to be performed on their service provider's internal controls,” says Grant Geyer, vice president, Symantec Managed Security Services. “Symantec customers can be assured that with the completion of our second annual SAS 70 Type II audit, our managed security services continues to be consistent, safe and reliable,” he concludes. Many companies, especially financial services, require credible proof that a MSS provider has processes and controls in place to provide a consistent, stable and secure environment to safely monitor and manage customer data throughout the organisation. Issued through guidance established by the American Institute of Certified Public Accountants, the SAS 70 Type II auditor's report provides assurances regarding specific control objectives that Symantec has designed to meet customers’ unique needs. “A third-party review of a partner's security controls is becoming increasingly necessary in today's marketplace,” says Paul Proctor, vice president with META Group. “Obtaining SAS 70 Type II certification creates an immediate trust between partners and demonstrates compliance with the standard of due care for security and risk controls,” he adds. Symantec says it is the only global MSS provider to meet the auditing requirements for SAS 70 Type II as well as the certification requirements of British Standard 7799 (BS7799), an equally prestigious international standard for establishing, implementing and documenting an effective information security management system.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code