Symantec Readies Cloud Security App For Salesforce.com

In keeping with its promise to expand its reach to the cloud, Symantec executives said the company plans to launch a new application designed to help secure Salesforce.com environments.

Symantec will release Symantec Security Assessment for Salesforce, an application designed to provide greater visibility into customers' IT infrastructure to include cloud applications such as Salesforce. The application, which integrates with Symantec Control Compliance Suite, gives users a holistic picture of thet risk and compliance environment for the cloud as well as on-premise platforms.

The partnership with Salesforce.com, announced at its Vision Conference Tuesday, also gives Symantec access to the Salesforce.com partner ecosystem, which enables the company to build applications using Force.com technologies, distribute to new customers and market to existing customer via the AppExchange.

Meanwhile, the new application seems to be one of the first steps in the company's stated strategy to expand security into the cloud.

Francis DeSouza, Symantec senior vice president of the enterprise security group, said that customers are adopting cloud infrastructure because of its agility but at the same time are on the hook by regulatory compliance agencies for the security of their customers' data, even if its stored by a third party.

"Very often it’s a third party that gets breached but you're still fully liable," Desouza said, during a cloud panel at Vision Conference 2011. "It's not enough for us to have just as much security as we have today. We need better security and better governance than we had today. That's what our relationship with Salesforce is about -- let's put together a governance framework in security technologies."

And at least one Symantec channel partner said that Symantec's new application for Salesforce was a step in the right direction for protecting cloud data, ultimately providing a layer of security that gives customers added peace of mind while breaking down some of the barriers to adopting public cloud infrastructure.

"Salesforce has presented a monolith that's been workable for a lot of companies, whereas other cloud companies have struggled in some areas, especially in areas of providing their customers comfort in the areas of security and compliance," said Jonathan Dambrot, CEO of Warren, N.J.-based Prevalent Networks. "And now Salesforce is a platform that has started to take off, they are using it in ways that they haven't intended, and now they're looking to get coverage as they continue to build applications that are important and move those applications into the cloud."

Dambrot said that he didn't think the security application served as "window dressing" for Symantec's purported expansion into cloud security or would instill a false sense of security for customers putting their data in the cloud.

"Depending on how much integration is there, I don't think it is window dressing. People are actually very interested in the security and compliance part of where their information sits," he said. "I don't claim to know everything about what (Symantec) is doing, but being able to provide insight into the things that happen in Salesforce.com environment is hugely important to those customers -- at least the customers that I work with.

"I think people will start looking at where this has gone and is going, and it's interesting and important and relevant to the conversation," he added.

The application is slated to be available on AppExchange, a marketplace for business cloud apps, for beta testing and deployment by mid 2011.