ABOUT SYMANTEC

Press Release

LinkedIn Facebook Twitter RSS

Symantec Secures Florida's State Government Agencies

Enterprise Security Manager Ensures Compliance with Security Policies, HIPAA Regulations

CUPERTINO, Calif. - April 01, 2003 - Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today announced it is assisting authorities in the State of Florida to secure the state’s cyber infrastructures by identifying network vulnerabilities and monitoring agencies’ security policy compliance.

Under terms of a statewide contract agreement, Florida is working toward the deployment of Symantec NetRecon and Symantec Enterprise Security Manager (ESM) to protect a network of more than 142,300 workstations and mobile devices supporting more than 30 agencies, to continuously scan for network vulnerabilities and ensure full compliance with internal security policies.

Florida’s additional purchase of Symantec’s ESM for HIPAA application module allows state health authorities to automate and centralize security policy management and security assessments pertaining to health care information using Symantec Enterprise Security Manager. These proactive measures increase protection of patient data against unauthorized access, as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The primary objectives of HIPAA are to improve the efficiency and effectiveness of the health care system, help providers access patients’ health care information, standardize the way information is handled and ensure that patient health information remains strictly confidential.

“Our partnership with Symantec improves our ability to spot potential security weaknesses quickly and monitor the overall status of our networks to ensure absolute compliance with our internal security policies,” said Kimberly Bahrami, chief information officer for the State of Florida. “Given our large network environment supporting agencies across the state, holding systems to policy is crucial for preventing weaknesses that could result in compromised systems during a network attack.”

Florida’s state IT administrators are utilizing Symantec NetRecon to monitor the networks of all state agencies, such as those responsible for public health, law enforcement and transportation, for potential vulnerabilities in software and hardware or configuration and administration weaknesses that constitute security risks. Additionally, Symantec ESM collects data from across Florida’s networks and presents a single reference for ongoing assessments of the network’s compliance with Florida’s defined security policies.

“Maintaining uniform security policies and rapidly identifying system vulnerabilities so action can be taken are two of the greatest security challenges facing both public and private sector enterprises,” said Glenn Taylor, director, state and local government and academic programs, Symantec. “Florida’s IT authorities typify a successful approach to managing risk in these areas by adopting technologies that continually measure against a policy baseline and automatically probe for internal security weaknesses.”

Symantec NetRecon provides network vulnerability assessment with progressive scanning technology. Its unique root-cause analysis engine illustrates the exact sequence of steps taken to uncover vulnerabilities. NetRecon displays vulnerability data as it scans, then provides the appropriate reports so administrators do not have to search through volumes of data. Reports can be tailored to technical or executive audiences and frequent security updates via Symantec LiveUpdate provide the latest vulnerability signatures and alerts.

Symantec ESM, an industry-leading policy compliance and vulnerability assessment solution, automates the discovery of security vulnerabilities and deviations of security policies in critical applications and servers across the enterprise from a single location. It allows IT administrators to create a pre-defined security baseline for every system on the network and measure performance against that baseline. Symantec ESM for HIPAA is a policy module that seamlessly integrates into Symantec ESM. Based on the HIPAA security standard 142.308, Symantec ESM for HIPAA provides pre-configured HIPAA-based security policies, allowing organizations to audit their environment for HIPAA security standard compliance. The HIPAA policies are designed specifically to protect the confidentiality, integrity and availability of data.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

@Symantec