Symantec Acquires PGP, GuardianEdge


Symantec is plunging into the encryption and key management space after it signed a deal agreeing to acquire e-mail and data encryption companies PGP and GuardianEdge Technologies.

Under the terms of the agreement, Symantec will purchase PGP for approximately $300 million in cash, and GuardianEdge for about $70 million in cash. The deal is expected to close some time during June quarter, however agreements are subject to variable closing conditions, such as regulatory approvals.

The move further solidifies Symantec as a competitive player in the data protection space, and could position the company as a market leader in the encryption arena. Specifically, the acquisition gives Symantec access to an array of data protection and encryption technologies including full disk, removable media, e-mail, file, folder and smartphone, in addition to its existing endpoint security, data loss prevention, and gateway security offerings.

Symantec executives reinforced that both acquisitions gave the company the ability to offer a comprehensive encryption and DLP solution for protecting data in the cloud, and on the endpoint, network and storage systems.

"As information becomes increasingly mobile, it's essential to take an information-centric approach to security," said Francis DeSouza, Symantec senior vice president of the enterprise security group, in a statement. "With these acquisitions, we can further protect information by using encryption in an intelligent and policy-driven way to give the right users access to the right information, enabling the trust that individuals and organizations need to operate confidently in an information-driven world."

Executives say that the duel acquisitions provide up-sell and cross-sell opportunities both for Symantec's sales team and for its channel partners. PGP's customer base runs the gamut from enterprise, to mid-tier and SMB. GuardianEdge, which is already an existing Symantec technology partner, has a vertical niche in the government sector.

Once the acquisitions are finalized, both PGP and Guardian Edge will become part of the Symantec Enterprise Security Group, headed by DeSouza.

Also following the close of both transactions, Symantec plans to take key features and functionalities from each of the companies' offerings and standardize them on the PGP key management platform in an effort to create a uniform centralized policy and key management capabilities across the entirety of its encryption product line.

Symantec also has designs to integrate the PGP key management platform into the Symantec Protection Center, which provides customers access to information and reports on threat, security and operational dashboards. Integrating the PGP key management platform is also aimed at simplifying and easing the management of endpoint security, DLP and gateway security products, which are also incorporated into the Symantec Protection Center.

Executives and security experts say that encryption is becoming a business-critical technology as the security environment increasingly becomes more information-centric and federal and state regulations, such as the HITECH Data Protection Act and state encryption laws, become more stringent.

Jon Oltsik, principal analyst for the Enterprise Strategy Group, said in a statement that the addition of PGP and GuardianEdge will give Symantec a geographically-dispersed install base, a PKI SaaS offering, a strong government presence and a wide range of encryption coverage that spans the mobile and mainframe spaces, among other things.

However, Symantec isn't the only security giant to take a stab at PGP. McAfee, then known as Network Associates, also acquired the struggling encryption company in 2001, but sold off the assets of the PGP product line in 2002
to an independent firm after PGP founder Phil Zimmerman left. The company later became the PGP Corporation.