Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo
Twitter
Facebook
Newsvine
Protecting Customers’ Privacy
Protecting our customers' privacy remains a top priority. That's why we have a comprehensive and transparent privacy policy in place, so that customers can choose what information to share with Symantec and how that information is used. For more, read our complete privacy policy, and learn about all of our Consumer Protection efforts.
In 2008, we updated the Symantec Privacy Policies; our revisions are based on Generally Accepted Privacy Principles (GAPP), which are founded on significant international privacy laws. We are also in the process of updating our publicly distributed privacy notices for the purposes of improved compliance and better communication. We are also developing new internal standards and business practices to support these new policies.
Finally, we are improving our operations to better protect our customers’ privacy. All projects, supplier reviews, mergers and acquisitions, and product development cycles now include privacy risk assessments. Furthermore, we have initiated projects to further introduce privacy safeguards into the management of information and enhance Symantec’s capacity to respond to increasing expectations of both consumers and government agencies.
Privacy Training
Symantec launched mandatory privacy awareness training for all employees in the first quarter of FY08. Mandatory training materials have been translated and are now available in six languages. In addition, webinars on privacy-related topics are presented to specific departments within Symantec on an ongoing basis. To date, webinar topics have included privacy and social media, privacy by design, privacy in contracting, and privacy for human resources and payroll, among others.
Privacy Governance and Oversight
Spam Protection
Email spamming from third parties is a growing problem on the Internet. Spam campaigns can include misinformation about Symantec and our products. We take our customers' privacy very seriously and want to provide you with the tools and information to protect yourself against suspicious spam, as well as pirated software or credit card fraud.
Visit Symantec's Anti-Piracy Web site for useful information, including tips for recognizing spam and how to report it to Symantec and other authorities.
Software Assurance
We work tirelessly to assure that all Symantec software functions in its intended manner. Our extensive software assurance mechanisms are designed to prevent exploitable vulnerabilities; inspire confidence that software, when executed, functions as intended; and ensure software processes and products conform to requirements, standards, and procedures.
Symantec takes numerous steps to assure that our products are safe and secure.
- Product development is governed by the Product Lifecycle, which assures that appropriate steps are taken for all products—from specification to development and manufacturing.
- Each product development group has its own quality assurance team to test and validate that the product functions as intended.
- The Chief Information Security Officer and Information Security Department assure the security of our networks and the computer systems used to develop products. This oversight ensures that only authorized personnel have access to Symantec’s resources, which helps prevent product tampering.
- The Human Resources Department conducts background checks for all job applicants to assure the reputation of Symantec’s personnel.
- The Physical Security Department assures that all facilities are protected from encroachment. Source code repositories and development labs are under a Restricted Access Area Management plan, which prescribes even higher levels of security for these sensitive areas.
- The Crypto Review Board oversees the use of cryptographic algorithms and keys for all Symantec products to assure that customer data is safe and secure when in transmission, memory, or storage.
- The Open Source Review Board assures that the use of all open source components within Symantec’s products is both secure and compliant with all appropriate laws and licenses.
- The Product Security Department performs static code analysis and dynamic penetration testing to assure that vulnerabilities in Symantec products are identified and corrected as quickly as possible. This department also provides training to all of Symantec’s product development personnel in techniques for designing and programming secure, defect-free products.
Business Continuity and Disaster Recovery
Symantec’s Business Continuity/Disaster Recovery (BC/DR) Program is a key component of our business model. A comprehensive set of BC/DR Plans are in place to ensure our people, procedures, processes, and infrastructure are protected in the event of a disruption to normal operations. Our primary focus is to limit the impact on the company's financial position and reputation, while maintaining our ability to deliver services to our customers. This is accomplished through a geographically flexible model where several locations provide coverage and backup for primary locations to enable continuity and immediate response to our customers’ critical support requirements.
Symantec has tested its continuity capability for manufacturing and vendor fulfillment, technical support services, security responses and managed security services in the event that facilities, business processes or their technology support, or staff, at global region locations are unavailable. We have built-in redundancy and backups so that we can continue to seamlessly maintain the services and products used by clients.
