Apr 08 2008

Day 1 of RSA

Published by at 6:43 am under General

Day One of RSA has come and gone, and with it the first wave of vendor presentations and parties. This was just a warm up for things to come, but it was a day well spent. I stayed out much later than I should have, though I wasn’t drinking much and won’t be paying for it today.

Michael Santarcangelo organized a small event with the folks at Symantec to provide feedback for them on several product lines they’re working on. For the most part they seemed honestly interested in hearing what we had to say, though that varied from person to person. And it’s a good thing, because the group around the table had a lot to say, with me near the front of the pack in being vocal.

For the next version of Norton, speed is the only thing they’re concentrating on. How long does it take to install, how much does it add to boot up, how long does it take to uninstall? These are all questions Symantec is asking themselves, because the hit to performance AV causes has apparently been one of the biggest complaints they’ve received from their customers. There’s a bit of concern that by concentrating on speed rather than new features customers won’t see a need to purchase Norton, which may be true, but I think corporate customers will be drawn by an AV product that interferes with their users as little as possible.

The product that definitely caused the most discussion is a family protection suite, tentatively called “Family Safety”, that hasn’t even reached beta yet. What I found interesting in this product wasn’t the technology itself, but rather the philosophy that went into its design. Rather than just blocking kids and alerting Mom and Dad, it’s designed to tell kids exactly why they’re being blocked and make sure they know what rules they’ve broken. It’s adjustable to accommodate the kids as they grow older, it has different profiles for each kid and reporting capabilities for parents.

The one word that kept coming up again and again was ‘conversation’; Symantec views blocking and monitoring as a parenting function, not a function of technology. They’re trying to create software that makes sure everyone involved knows what’s being blocked and why, and facilitate the conversation between the adults and children. Rather than being a dictatorship making arbitrary rulings, Symantec is trying to explain why certain sites are blocked and how they fit into the house rules. There’s a lot that still needs to be hammered out in this model and it takes more interaction from parents, but I believe they’ve got a very good start on a program that helps parents and their children communicate rather than just blocking web sites and leaving it at that. I’m looking forward to the beta of this project.

The final session was on Vontu, and I have to say this was my least favorite session. As I stated yesterday I view Data Loss (or Leak) Prevention as a need that has to be pushed and managed from the business side of the house, not the security side. Kevin Rowney, the founder of Vontu, tried hard to express DLP as a risk based security issue, but I’m still not convinced that the security arena has matured to the point this is a valid argument. Most corporate security people aren’t to the point where they can successfully argue for technologies from a risk standpoint and most business people aren’t ready to listen to security practitioners provide input on business decisions. The only way I can see any DLP product being sold into a business is if the impetus comes from the top levels of the company and is entrusted to security, as opposed to being an initiative sponsored by IT and security. There is definitely a security aspect to DLP, but we’re years away from the sort of risk based approach needed to push DLP in the enterprise from the security department. And DLP isn’t cheap, placing it out of reach of all but the biggest companies, like the Fortune 1000.

The showroom floor opened with a bang last night and the reception made very sure that most of the security folks would be scarfing on the free food where they could be approached by vendors rather than spending their per diem in the restaurants around the Moscone Center. Every year there seem to be more vendors. A quick walk through last night with George Starcher, the former host of the In the Trenches podcast, didn’t reveal any big surprises, other than a fair number of companies I haven’t seen or heard of before. The next couple of days will reveal a lot about who’s there and what the big new technologies are, as well as getting me roped in to any number of vendor presentations. Should be interesting if not necessarily fun.


2 Responses to “Day 1 of RSA”

  1. Raffi on 08 Apr 2008 at 7:54 am

    You know my views on this. The conversation is the critical part and the tool should only help that conversation.

    Unfortunately, I think unless they have a mode that says “parent for me” I think most parents will go to a product that will do the decision making for the parent.

    Conceptually it’s an interesting direction.

  2. […] ran into Martin McKeay the on Monday and he pulled me into a round table with Symantec at the point they were covering Data Loss Protection. It was a fun time and thanks again to […]
