Symantec integrates BindView for compliance push
Almost a year after completing its acquisition of BindView, Symantec has launched the Control Compliance Suite, which is a set of software tools designed to help companies adhere to regulations such as Sarbanes-Oxley.
BindView developed software for automating policy and compliance management, vulnerability and configuration management and directory and access management. Firms have come under increasing pressure to adopt such technologies in order to meet the increasing demands of financial reporting regulations.
David Sykes, vice president of Symantec Asia Pacific, told ZDNet Australia on Wednesday that although Control Compliance Suite 8.2 was based on the BindView product, its capabilities have now been extended to create a more useful set of tools.
"This is very much a new product. It comes off the policy manager product that was being developed by BindView and Symantec has taken that development and stepped it up to a new level," said Sykes.
Sykes explained that the product has an unusual version number for an initial launch (8.2) because Symantec adopted the BindView naming convention.
Jitesh Chanchani, senior product manager at Symantec, who was previously a BindView executive, pointed out that although the product is not a "SOX in a box" solution, there is a need for large companies to automate certain processes to make adherence to compliance regulations easier, cheaper and more efficient.
"The key thing here is we wanted to drive automation into the audit process so these are the key drivers for us as we design our solutions," said Chanchani.
According to Chanchani, companies with frequent audits are more likely to be compliant -- but that comes at a financial cost.
"We found that the companies that are the most successful in their IT audit are the ones that are auditing more than others. They are auditing several times a year so they have a constant handle on how they are doing in terms of compliance.
"Obviously that is coming at a huge cost because as it turns out they are spending three times more," he said.
Symantec's senior technical director, Tim Hartman, said that one of the major improvements in Symantec's compliance-related offering -- following the BindView purchase -- is an agent-less monitoring and policy enforcement solution.
"An agent-based tool can sample more stuff because it sits on the server but the problem is that if someone adds a new server without the agent then you can't scan it because you can't see it.
"With the BindView solution you see everything that you own," he said.