Innovation: Symantec’s Norton Security Team

in , , , , , , , ,

Prior to the release of Norton Internet Security 2009 in September of last year, and the subsequent release of the Norton 360 Suite, Symantec’s Norton products had such a reputation for bloat, resource hungriness, and being a general factor in system disorder, that most IT professionals had stopped recommending them for their consumer and SMB clients.

However, subsequent to the release of Symantec NIS2009, it has been a feel-good-fest about the Norton Internet Security products and Symantec.

A few questions had to be asked:

  • How did this happen?
  • What did Symantec do to bring this incredible change of mindshare?
  • How was Symantec able to restore the NIS brand in such a short period?

At the start of June 2009, I was invited to Symantec’s Culver City, California offices, and given the opportunity to speak, totally unfettered, with senior members of the consumer Norton Internet Security products.

I have come away from that meeting with a lot more respect for Symantec the company, and what they have been able to accomplish in turning things around.

Symantec’s Culver City, California Building
Located just east of the Culver City Mall, the Symantec offices here is located in a brand-new, LEED Gold-certified building.

This is a high security building. Everywhere in it demands that you authenticate yourself before access is granted. Or denied. Everywhere!

One in, we are led to a conference room, where introductions are made.

The Meetings with Symantec’s Norton Security Brain Trust
Including Sondra Magness, Symantec Public Relations Manager, who convened the event, Symantec attendees included:

  • Susan Tatro, Symantec Consumer Public Relations
  • Dave Cole - Sr. Director Product Management, Consumer Products
  • Bill Rosenkrantz - Director Product Management, Consumer Products
  • Jens Meggers - VP Engineering, Consumer Products
  • Kevin Haley - Director, Product Management, Security Response
  • Tim Lopez - Beta Test Coordinator/User Forum Manager
  • Tony Weiss - Senior Beta Test Coordinator/User Forum Manager

In all, a very senior level meeting.

We are then informed that the sessions for the day would include us asking anything we want.

“Yeah, right!” thought yours truly.

Why? My (jaded) experience had taught me that quite a few companies talk up a good game, but are unfortunately unable to back that up when it counts.

I would later find out that I was wrong in thinking Symantec was one of those companies.

Over the next several hours, we proceeded to be informed, and allowed to ask questions about not only the shipping product, but also the future product roadmap, and strategy.

While most of the answers are under a strict Non-Disclosure Agreement, or NDA, that I had agreed to, I can say here that not one of our questions went unanswered.

This is quite true: all our questions were answered!

The scope of the forthrightness of Symantec was unprecedented for me. Over the nearly two decades I have been in this business, and nearly three decades’ experience with computers, I have asked several questions of several highly placed sources in virtually all the ‘big’ companies over the years, and those very questions have been deflected if the correct answers differed from ‘the company line’.

Suffice it to say, I am impressed.

While the resultant effect of that NDA is that I have to be sufficiently obtuse in my answers here, I can say without equivocation that the questions I had put forth at the start of this post were answered, which I will share with you as best as I can.

Make sure the Perception ≠ the reality
I repeat: make sure the perception is NOT the reality!

In Internet Time, a misstep is quite often fatal.

For a product specifically created to provide border security for users’ web browsing and connectivity, the Symantec consumer security products, had gone off in several tangents, acquiring bloat – in the name of increased functionality, becoming resource hungry, and generally suffering from the sort of malaise that inflicts products where their focus has strayed from the original mission.

That is not good.

It is, however, reassuring to see that Symantec took this perception of the Norton family of security product’s slowly turning into a piece of excrement — in some people’s minds — becoming a reality very seriously, and better than that, acted swiftly.

In January of 2008 at the 2008 International Consumer Electronics Show, or CES 2008 in Las Vegas, I had the opportunity to dine with Rhonda Shantz of Symantec, where she proceeded to tell a very skeptical me that the next version of Norton Internet Security (v2009) would restore my faith in the product. Her money quote, “We have re-architected the product from the ground up.”

I disbelieved her. My mea culpa to that disbelief is here. http://bit.ly/17Qedg 

In January of this year, Symantec Public Relations Manager, Sondra Magness, invited me to a dinner, at CES 2009 in Las Vegas, where I had the opportunity to ask Rowan Trollope, Senior Vice President at Symantec, about the change in fortunes for NIS.

His simple answer: he told his staff what he wanted the NIS2009 product to be, and told them to make it so.

Pretty telling.

Here are the things he didn’t do:

    • He didn’t bury his head in the sand, ostrich-like, resting on the twin laurels of market-share dominance, and units sold;
    • He didn’t ask for ginny’d up figures to justify those numbers;
    • He didn’t ask his minions to go out into the streets of Venice (California) to pick up $20 a day ‘focus group’ members who would say anything for that same $20.

He took the telemetry coming in, added the growing crescendo of customer angst, and decided that on that course, the Norton brand was on the path to reputational suicide, a one-way trip in this Internet Age.

He made a decision, and charged his staff with producing. In the process not only saving, but also resuscitating the Norton brand.

For which I am sure Peter Norton is pleased.n360_mainui_l

Innovation is alive and well at Symantec
Regular readers of this blog know my position on innovation: without it, YOU WILL FAIL. Always.

Well, as with companies such as Samsung, Microsoft, and GE, Symantec understands this. Furthermore, unlike those companies (except Samsung, which has a self-imposed shelf date), Symantec’s security products have a marketplace-determined end-of-life date: the last day of each year.

As a result, Symantec is on the proverbial treadmill. Mix in the nefarious miscreants trying to undermine our collective computing experience, and you would start to understand the scale of the burden they shoulder.

In this morass, however, Symantec is steadfast about innovation. They are not standing still.

From product development, to future goals and strategies, I saw moves designed to keep the customer, in this case the end user, in control.

While we all know the little things that make NIS2009 a joy to use, from the swift install, to the little memory footprint, to the little CPU usage meter in NIS2009 that shows both system CPU usage and NIS2009 usage, the product tries to balance speed with usefulness and user control. And succeeds.

This though, is not some strange fluke. It is actually engineered for.

Symantec takes the (social) community seriously
By now, all of us, especially me, have had it up to our necks with those silly companies that spout nonsense about Web 2.0 without actually taking the time to borrow a clue.

Symantec, on the other hand, already harnesses the social community to great success.

Symantec’s MVPs are not company employees, but a series of dedicated users providing Symantec’s customers with support and being interlocutors in an invaluable feedback loop.

With it, the wonks at Symantec, I assume, are able to make real time analyses of incoming data, and use it to fine-tune their strategies, or products.

Furthermore, there are three principal labs worldwide, providing round-the-clock protection. Pretty impressive.

Symantec listens
When a company reaches middle age, it tends to have as managers, yum-yums who are just resting-and-vesting.

Due to that, any news that is seen as rocking the stock option/restricted stock vesting process is swiftly but silently shot down. In addition, narrowly and adroitly screened focus groups would be brought in to bolster the plans of that rester-and-vester. That is obviously not the case here.

It is a testament to the success of the company that the managers do listen.

We were walked through the incident capture, documentation, and resolution stages. It is a rigorous, detailed process where documentation is key. The end result is a product that is the beneficiary of the Community in its detection speed, and efficacy.

That is what listening to the community brings to the table.

For lesser products, especially those without an active community, the ability to identify, and intercept trending threats is greatly diminished. In fact, I would hazard a guess that most of those also-rans use the information coming out of Symantec to initialize their intercept protocols.

Pushing the envelope is part of the daily job
I cannot divulge this part of the day without incurring the wrath of Symantec’s Legal Department, and becoming the recipient of several snottograms.

However, I can tell you that the directions the Norton team at Symantec is pushing the consumer product is unprecedented, novel, and will lead to quicker identification and interdiction of threats, faster scanning and performance, and lower system utilization.

Believe that!

Conclusions
In computing, one is very easily jaded, and the resultant cynicism is hard to avoid.

However, it is the efforts of a few companies such as Symantec that, for want of a better phrase, ‘keep hope alive’.

Not only did I come away from that visit more enthused about Symantec, but I was pleased that the trust I, and by proxy, Logikworx, had placed in the Norton product.

Furthermore, I have developed such a confidence in their products, that I have asked my staff to include Symantec’s small business and enterprise products in our current tests of a replacement for CA’s business product. That test is now a bakeoff between Symantec, and Microsoft’s ForeFront products. It will be interesting to see how that turns out.

That said, what will drive the next wave of antivirus/antimalware products will be innovation. Both evolutionary and revolutionary innovation. While there would still be ‘Eureka’ moments by the odd inventor, by and large, innovation must be planned for.

The companies that innovate will rule the earth.

Symantec will be one of them.

Follow me on Twitter
This article previously appeared in the July 2009 issue of The Interlocutor.