Symantec CEO says no Vista for me
By Joris Evers, CNET News.com,
February 19, 2007
zdnetindia.com

Excerpt:

You've said that managing user identities is one of the most pressing challenges that face enterprises today. You've said that identity management is in an area where Symantec might acquire a company. Where are you at when it comes to that?

Thompson: Identity management has to be parsed based upon whose identity you are trying to protect. At the corporate level, there is no shortage of solutions that corporations have tried to deploy for years to solve this identity management problem, so I just don't think that's an area where Symantec should expend its resources.

However, on the consumer side, I think there is more that Symantec can do with its broad consumer client footprint that would allow us to deliver an identity management solution that would give consumers confidence in their online experience. So we'll concentrate there.

It seems that your position on identity management has changed.

Thompson: Yes, a year or so ago we were really studying the opportunity, and we looked long and hard at what our entry point would be. And we looked at a number of technologies that we had in our own portfolio or things that we could acquire, and when we kind of stepped away from it and did the customer validation side, what customers said was, look, we already have something, we haven't fully deployed it, we haven't deployed it because the management of the key infrastructure around identities is so complex, and so we don't need help there at all.

Yet when you go and you ask consumers: "What are you worried about?" They're worried about phishing, identity theft, online fraud, all things that are undermining their confidence in doing more and more online. So we think there's a place where we can make a difference.

At the Demo conference recently you showed off an early version of a product called Norton Identity Manager. What is the purpose of that product?

Thompson: The Norton Identity Client is focused on the idea of helping a consumer have, let's say, single-use credit card numbers where they can go to an online site, facilitate a transaction, but not have to worry about having their credentials visible to the world at large. It's a one-time use phenomenon. Or being able to validate a site as being a legitimate site, knowing that the bank or the e-tailer that I'm interacting with is who I thought I was interacting with.

When I read some of the description of Norton Identity Manager it also made me think of Microsoft Passport. You suggest people use their Norton accounts to pay for online shopping, for example. Passport failed. Is Norton Identity Manager different?

Thompson: Well, there may be some techniques and technologies that are similar, but I think there are two fundamental things that are different. One, it's a different moment in time. When Microsoft attempted Passport the market wasn't quite ready for that. People didn't perceive that there was a problem that needed to be solved by Microsoft. Two, and perhaps more important, they didn't trust the company that wanted to offer the solution. So technology without trust is going to flounder, and that's what essentially happened with Passport.