Symantec Managed Security Services Completes Second Annual SAS 70 Type

    Business Editors/Technology Writers

    CUPERTINO, Calif.--(BUSINESS WIRE)--March 28, 2005--Symantec Corp. (Nasdaq:SYMC), the global leader in information security, today announced it has obtained its second annual Statement of Auditing Standard No. 70 (SAS 70) examination report for its Managed Security Services security operations center (SOC) in Alexandria, VA. This report helps to validate the controls within Symantec's comprehensive, round-the-clock security monitoring, management and response SOC for its enterprise customers. The objective of the SAS 70 review was to provide Symantec's Board and Symantec's Managed Security Services customers with an independent examination of the applicable internal controls placed into effect in Symantec's global network of SOCs administered in Alexandria, VA.
    "Companies looking to outsource the management of their critical infrastructure should require third-party reviews to be performed on their service provider's internal controls," said Grant Geyer, vice president, Symantec Managed Security Services. "Symantec customers can be assured that with the completion of our second annual SAS 70 Type II audit, our managed security services continues to be consistent, safe and reliable."
    Many companies, especially financial services and other highly regulated organizations, require credible proof that a managed security services provider (MSSP) has processes and controls in place to provide a consistent, stable and secure environment to safely monitor and manage customer data throughout the organization. Issued through guidance established by the American Institute of Certified Public Accountants, the SAS 70 Type II auditor's report provides assurances regarding specific control objectives that Symantec has designed to meet customers' unique needs.
    "A third-party review of a partner's security controls is becoming increasingly necessary in today's marketplace," said Paul Proctor, vice president with META Group. "Obtaining SAS 70 Type II certification creates an immediate trust between partners and demonstrates compliance with the standard of due care for security and risk controls."
    Symantec is the only global MSSP to meet the auditing requirements for SAS 70 Type II as well as the certification requirements of British Standard 7799 (BS7799), an equally prestigious international standard for establishing, implementing and documenting an effective information security management system. Symantec Managed Security Services leverages global intelligence to offer fast and accurate analysis of security data to protect customers against emerging threats and reduce overall security risk. Its 24x7 real-time services enhance an organization's information security posture through continuous monitoring and management, expert analysis, and immediate response to potential security threats.

    Symantec Global Services and Support

    Symantec Global Services and Support provides security services, technical support, and information security content for enterprises and consumer users. With a trusted team of security researchers, analysts, and engineers worldwide, Symantec offers customers the most comprehensive security expertise needed to help plan for the future and respond to today's evolving security challenges. Symantec's Global Services and Support provides customers with the knowledge and range of options to build an effective security program that suits their needs.

    About Symantec

    Symantec is the global leader in information security providing a broad range of software, appliances and services designed to help individuals, small and mid-sized businesses, and large enterprises secure and manage their IT infrastructure. Symantec's Norton brand of products is the worldwide leader in consumer security and problem-solving solutions. Headquartered in Cupertino, Calif., Symantec has operations in more than 35 countries. More information is available at http://www.symantec.com.

    NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.
    Symantec and the Symantec logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

--30--MC/sf*

CONTACT: Symantec Corporation Yunsun Wee, 310-449-7009 ywee@symantec.com or Connect Public Relations Sherri Walkenhorst, 801-373-7888 sherriw@connectpr.com

KEYWORD: CALIFORNIA VIRGINIA INDUSTRY KEYWORD: HARDWARE SOFTWARE NETWORKING INTERNET E-COMMERCE PRODUCT SOURCE: Symantec Corporation

Copyright Business Wire 2005