Security company Symantec has moved its security operations centre (SOC) from a nuclear bunker just outside Winchester to its campus in Reading, which used to be the old Veritas office. John Brigden, senior European vice president for Symantec, said the bunker was secure, with its 12-foot thick walls, but had "questionable sanitation".
To enter the SOC, technicians go through a double door which Symantec refers to as a "man-trap". To go through the door, people must enter a password and use a fingerprint reader. Symantec said it had a rigorous hiring policy to mitigate insider threats.
The move was due to a lack of space in the old bunker. Symantec has increased the number of SOC technicians from "less than 20" last year to approximately 30 now, according to Art Wong, Symantec's senior vice president of managed security services. "Basically we just outgrew capacity," said Wong. The new SOC is big enough to accommodate the present technicians as well as future expansion, Wong said.
Symantec has four SOCs worldwide, taking information from 40,000 client sensors and millions of honeypot inboxes that are set up to capture spam. The security company has plans to increase the number of sensors, depending on the number of new managed-services customers, according to Wong.
Technicians in the SOC perform real-time analysis of security data and logs, although the process is mostly automated. Symantec's security platform allows it to mine security data and correlate vulnerability and attack data, the company says.