Symantec to snap up Vontu?

Deal could mean one less independent vendor in the data-leak prevention market

Rumors are swirling that Symantec may acquire start-up Vontu in a deal that hardly would come as a surprise, as large security giants scramble to add data-leak prevention technology to their product portfolios.

While officials at Symantec and Vontu decline to comment, such an acquisition would be the latest in a handful of examples of large security companies buying data-leak prevention players in the past twelve months. For example, EMC’s RSA group in August announced plans to acquire Tablus for an undisclosed amount, while Cisco earlier this year acquired IronPort (which offers data-leak prevention features in its e-mail security appliance) for $830 million. Late last year, Websense bought Port Authority Technologies for $90 million, and McAfee bought Onigma for $20 million.

Disappearing DLP vendors

With Cisco, McAfee and EMC’s RSA already in the game, Symantec needs an answer for customers asking how they can protect themselves from insider threats.

Such acquisitions are reducing the ranks of independent data-leak-prevention players to very few, but are generally good news for the customers of such smaller companies. Becoming part of a larger company means their products probably will have a longer life than if the start-ups tried to go it alone, one analyst says.

“If Symantec buys Vontu, I think it’s good news; the products do work very well together at the gateway,” says Nick Selby, senior analyst and director of The 451 Group’s enterprise security practice. “While Symantec tends to be where good technology goes to die, it’s a very easy upsell for Symantec. And it’s good for other vendors in the space because it pulls their main competitor off the line.”

Such an acquisition also would bode well for customers looking to have data-loss-protection features integrated with other security products, which is where this market is heading anyway, Selby adds. “For existing Vontu customers, they would go from buying from a vendor to whom anti-data leakage was everything, to it being an important piece of something much bigger,” which is how the products should be viewed anyway, he says.

One customer of Vontu competitor Reconnex says he’s not concerned with his vendor’s ability to make it as an independent company, but worries what would happen to Reconnex products if the vendor were to be acquired. “We’ve had these situations where some of our vendors were bought and the service and product went downhill, so we left them,” says the customer, a security professional with a large technology manufacturer who asked not to be named.

The flurry of acquisitions of data-leak-prevention vendors by large security companies in the past year validates the need for these products, says one Reconnex executive. “Symantec or any large vendor first looks at the market and makes decisions based on their ability to deliver a home-grown solution vs. the time to market,” says Faizel Lakhani, Reconnex’s vice president of marketing. “Data-leak-prevention products are sophisticated [and] have taken vendors years to develop, and companies like Symantec can see the immediate value of acquisition vs. waiting to build it.”

Data-leak prevention is still a relatively young market, and one that not coincidentally gained steam a couple years ago, just as state laws were passed forcing companies to make public any data breach that potentially could put customers or employees at risk for identity theft. Because enterprises already had spent considerable time and money protecting their perimeters but found they were still vulnerable to threats, they looked inward.

At the same time, data-leak-prevention products were emerging that promised to protect enterprises from intentional or unintentional data leaks by discovering a company’s sensitive data and labeling it as such, setting policies regarding who could and could not access it, and monitoring -- and eventually blocking -- employee actions.

Yet observers, including The 451 Group’s Selby, believe these capabilities should be integrated with other products -- namely, communication-security offerings that already have some basic data-leak-protection functions, for example, scanning outbound e-mail, instant messaging and Web traffic and flagging messages that contain information thought to be sensitive, such as Social Security or credit card numbers.

Adding the finely tuned content-inspection and policy-enforcement capabilities of some data-leak-prevention tools to these communication products would reduce the number of security products operating at an organization’s gateway, and offer universal management and policy enforcement to simplify administration.

According to the CEO of one of the few independent e-mail security vendors, the idea of fusing e-mail security and data-leak prevention is resonating with customers. “The continuing consolidation of the e-mail security and data-loss prevention markets has been advantageous to our business . . . [which] in the past year has been accelerating even more rapidly than in the past,” says Gary Steele, CEO of Proofpoint. He attributes this growth in part to his company’s innovation and focus, and in part to new business from alienated customers of competitors that have been acquired.


Copyright © 2007 IDG Communications, Inc.
