Press Release

LinkedIn Facebook Twitter RSS

Symantec Managed Security Services Completes Second Annual SAS 70 Type II Examination

Report Assures Customers Consistent, Stable And Secure MSS Operations

CUPERTINO, Calif. - March 28, 2005 - Symantec Corp. (NASDAQ: SYMC), the global leader in information security, today announced it has obtained its second annual Statement of Auditing Standard No. 70 (SAS 70) examination report for its Managed Security Services security operations center (SOC) in Alexandria, VA. This report helps to validate the controls within Symantec's comprehensive, round-the-clock security monitoring, management and response SOC for its enterprise customers. The objective of the SAS 70 review was to provide Symantec's Board and Symantec's Managed Security Services customers with an independent examination of the applicable internal controls placed into effect in Symantec's global network of SOCs administered in Alexandria, VA.

"Companies looking to outsource the management of their critical infrastructure should require third-party reviews to be performed on their service provider's internal controls," said Grant Geyer, vice president, Symantec Managed Security Services. "Symantec customers can be assured that with the completion of our second annual SAS 70 Type II audit, our managed security services continues to be consistent, safe and reliable."

Many companies, especially financial services and other highly regulated organizations, require credible proof that a managed security services provider (MSSP) has processes and controls in place to provide a consistent, stable and secure environment to safely monitor and manage customer data throughout the organization. Issued through guidance established by the American Institute of Certified Public Accountants, the SAS 70 Type II auditor's report provides assurances regarding specific control objectives that Symantec has designed to meet customers' unique needs.

"A third-party review of a partner's security controls is becoming increasingly necessary in today's marketplace," said Paul Proctor, vice president with META Group. "Obtaining SAS 70 Type II certification creates an immediate trust between partners and demonstrates compliance with the standard of due care for security and risk controls."

Symantec is the only global MSSP to meet the auditing requirements for SAS 70 Type II as well as the certification requirements of British Standard 7799 (BS7799), an equally prestigious international standard for establishing, implementing and documenting an effective information security management system. Symantec Managed Security Services leverages global intelligence to offer fast and accurate analysis of security data to protect customers against emerging threats and reduce overall security risk. Its 24x7 real-time services enhance an organization's information security posture through continuous monitoring and management, expert analysis, and immediate response to potential security threats.

Symantec Global Services and Support
Symantec Global Services and Support provides security services, technical support, and information security content for enterprises and consumer users. With a trusted team of security researchers, analysts, and engineers worldwide, Symantec offers customers the most comprehensive security expertise needed to help plan for the future and respond to today's evolving security challenges. Symantec's Global Services and Support provides customers with the knowledge and range of options to build an effective security program that suits their needs.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.