Press Release

LinkedIn Facebook Twitter RSS

Symantec Managed Security Services Completes SAS 70 Type II Audit

Only Global MSSP to Meet Requirements for Both SAS 70 Type II and BS7799 Certification

CUPERTINO, Calif. - Nov. 3, 2003 - Symantec Corp. (Nasdaq: SYMC), the world leader in Internet security, today announced it has obtained a Statement on Auditing Standards No. 70 (SAS 70) audit report for its Managed Security Services security operations center (SOC) in Virginia. This attestation validates that Symantec's control objectives and related control processes and procedures have passed rigorous, third-party testing to effectively provide comprehensive, round-the-clock security monitoring, management and response for enterprise customers. The objective of the SAS 70 review was to provide Symantec's Board and Symantec's Managed Security Services customers with an independent examination of the applicable internal controls placed into effect at Symantec's Alexandria SOC.

Symantec is the only global Managed Security Service Provider (MSSP) to meet the auditing requirements for SAS 70 Type II as well as the certification requirements of British Standard 7799 (BS7799), an equally prestigious international standard for establishing, implementing and documenting an effective information security management system.

Many companies, especially financial services organizations that are highly regulated, require credible proof that a managed security services provider has processes and controls in place to provide a consistent, stable and secure environment to safely monitor and manage customer data throughout the organization. Issued through guidance established by the American Institute of Certified Public Accountants, a SAS 70 Type II auditor's report provides assurances regarding specific control objectives that Symantec has designed to meet customer's unique needs.

"With completion of SAS 70 Type II audit, Symantec customers can be assured that our managed security services are consistent, safe and reliable. Companies seeking any outsourced services should expect third-party reviews be performed on their service provider's internal controls, and outsourced managed security services," said Grant Geyer, vice president, Symantec Global Managed Security Services. "We are extremely proud to pass this stringent requirement and pleased to be the only global Internet security company to possess both SAS 70 Type II attestation and BS7799 certification."

Symantec's SAS 70-audited state-of-the-art security operations center, located in Alexandria, Virginia, provides customers with comprehensive, round-the-clock security monitoring, management and response services. Symantec Managed Security Services delivers cost-effective services that minimize an organization's investments in technology and internal resources while effectively solving security problems.

Symantec Managed Security Services
Part of Symantec's Enterprise Security Services, Symantec Managed Security Services delivers industry leading security monitoring, management, and response to its clients. Its 24x7 real-time services enhance an organization's information security posture through continuous monitoring and management, expert analysis, and immediate response to potential security threats. From Symantec's Security Operations Centers (SOCs) around the world, Symantec Managed Security Services provides flexible, vendor-neutral offerings to meet a variety of business needs. Symantec Managed Security Services provides organizations with a real-time view of their enterprise security posture and the analysis and commentary needed to adjust defenses against emerging attacks, for optimal protection of mission-critical assets. For more information, please visit http://enterprisesecurity.symantec.com/SecurityServices/.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.