Press Release

LinkedIn Facebook Twitter RSS

Symantec Managed Security Services' Awarded BS7799 Certification

CUPERTINO, Calif. - June 11, 2002 ­ Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today announced that its Managed Security Services’ security operations centers have been awarded certification under the British Standard (BS) 7799, a comprehensive specification that defines the requirements for establishing, implementing, and documenting an effective information security management system. BS7799 certification at the security operations centers assures Symantec customers and partners that their information and data are protected through controlled procedures, policies, and best practices.

Symantec’s BS7799-certified state-of-the-art security operations centers, located in San Antonio, Texas, and Southern England, provide Symantec clients with comprehensive, round-the-clock outsourced security management, monitoring, and response services through Symantec Managed Security Services analysts. Symantec Managed Security Services delivers cost-effective services that minimize an organization’s investments in technology and internal resources while effectively solving security problems.

“As one of the few organizations authorized to provide BS7799 certification, KPMG recognizes both the value and the difficulties of earning certification in today’s e-business environment, where security threats grow in number and complexity every day,” said James Keegan, head of certification services, KPMG. “KPMG is very pleased to have been able to award Symantec BS7799 certifications, which demonstrates that they have a sophisticated security infrastructure in place.”

Certification to BS7799, which typically takes between six and nine months, was a complex process. Symantec used proven policies, standards, procedures and records to implement and maintain a world-class information security management system that protects assets and manages risk in its security operations centers and ensures the integrity of information as it is shared internally and externally. Symantec completed BS7799 certification through an intensive security audit conducted by KPMG Certification Services, one of only seven organizations designated by the United Kingdom Accreditation Services (UKAS) as qualified to audit for compliance to the exhaustive standard. After certification, regularly scheduled reviews and audits are required to maintain compliance.

“We are very pleased to be awarded this rare certification. This certification provides powerful evidence of Symantec’s operational maturity and unrelenting commitment to safeguarding the confidentiality, integrity and availability of customer’s critical information,” said Craig Robinson, vice president of Symantec’s managed security services.

First published in 1995, BS7799 became so widely accepted in many countries as a code of practice for information security that it developed into an international standard, ISO17799, approximately six years later. However, while ISO17799 describes the model for information security management systems in the international arena, BS7799 certification remains the only proof that an organization actually complies with the exacting standard.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.