Symantec Encryption vs PGP Encryption?

I have narrowed the list to two providers of encryption solutions -  Symantec or PGP.  Which is a more proven, stable, and reliable (yet fully functionally) product for a complete encryption solution?   This will be for a healthcare practice, where single-sign on is a needed component.

FYI - the company already uses some Symantec products (Backup Exec, Symantec Anti Virus, and Symantec System Recovery)

Thank you for any expert insight!
LVL 1
davisAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rich RumbleSecurity SamuraiCommented:
You'd have a good "in" with symantec, we did not like their offering, and PGP was too expensive for our budgets, but they are in most circles, the market leader. We used PointSec from CheckPoint for our full disk encryption, it has proven to be a great tool over the past 2years, we have used their support maybe 5 times. We too have Symantec for backup and AV in some of our acquisitions, and once they worked with pointsec they too want on board. All of this is opinion, you really have to test and do proof of concepts and have them in your labs to get the feel for them. Each vendor is FIPS-140-2 certified among other accreditation's that should be applied to your testing criteria. Single-Sign-On can be a security risk itself if not coupled with a second factor (2-factor) authentication
http://www.sans.org/reading_room/whitepapers/authentication/secure-implementation-enterprise-single-sign-on-product-organization_1520
-rich
Jason WatkinsIT Project LeaderCommented:
I have only used the PGP products, which are expensive, but cheap when considering the costs of a compromise, or leak. I would make sure there is a way for the Enterprise to be able to recover lost or forgotten encryption keys before adopting any system.
bbaoIT ConsultantCommented:
> All of this is opinion, you really have to test and do proof of concepts and have them in your labs to get the feel for them
> Single-Sign-On can be a security risk itself if not coupled with a second factor (2-factor) authentication

strongly agree with richrumble about his points above, though according to your situation i would likely choose Symantec if i was you, for better integration and lower training cost.
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

McKnifeCommented:
Hi.
I have compared PGP wholdisk encryption with the pointsec product, I did not try symantec, however.
First: The price is comparable if you don't need the enterprise universal server which costs a lot but is usually to be considered optional but helpful in large environments. It is needed for example if you need to roll out the product, without it, installations will have to be done manually (which takes some time, maybe 3-10 minutes per pc based on your config).

The PGP SSO and Pointsecs SSO were used in my tests and PGP was more straight forward, although Pointsec was fine, too.
davisAuthor Commented:
We would be more 'in'-tegrated if using Symantec Endpoint Encryption.  The potential to centrally manage this service, along with other Symantec components, makes it very appealing.  Although, I am somewhat nervous about adopting this product solely based on this fact.  In my experience, other Symantec products, such as endpoint protection, were riddled with issues early on.  I would like to know if endpoint encryption does not have a poor reputation among the user community and is, in fact, a solid product. I understand  the Endpoint Encryption was originally an Altiris product.  Does anyone have any experience with or an understanding of the reliability/stability of Endpoint Encryption?  As well, can anyone speak to the reliability/stability of PGP?  Thanks for any insight!
Rich RumbleSecurity SamuraiCommented:
Now you might not have to differentiate PGP/Symantec... http://www.theregister.co.uk/2010/04/29/symantec_buys_pgp/
-rich
davisAuthor Commented:
Well, I guess that makes a decision between the two a little easier!  I wonder if it's worth getting 'into' Symantec encryption now, knowing that there are big changes ahead.  Would one would want to deploy a Symantec-based system next month if there was potential for a merger to create an entirely different product in a year?  There may be new technologies, new consoles, new client agents, etc.  What are your thoughts?  Thanks!
Rich RumbleSecurity SamuraiCommented:
It is an interesting twist, Symantec also bought GuardianEdge, another encryption house who specialize in full disk encryption. It could be Symantec is buying them to make a better product, or to even "embrace, extend and extinguish" the competition...  http://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish
GuardianEdge also has offerings in the mobile market, so perhaps they are gunning for a best of breed product, with tie-ins to DLP and most certainly regulatory and federal requirements.
What I think in the end though, is that PGP is a better product than Symantec's, McAfee eff'd up when they let it languish and did nothing with it.
I like this quote: http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1511112,00.html
"Up until a year ago, Symantec was a place where good software went to die," Selby said. "Symantec has aggressively turned that around but they're still fighting years and years of badly managed, badly integrated acquisitions."
I've used Symnatec's NAC and DLP products, I was more impressed by those two before being aquired by symantec, Sygate and Vontu respectively. I personally don't have much hope that they will fair better with encryption offerings initially. I've been wrong before (however seldom :)
-rich

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
davisAuthor Commented:
All extremely helpful information...  It appears there may not be a 'perfect' solution with the encryption products.  Good point about the tie-ins to DLP and compliance with federal and regulatory requirements - the healthcare market will surely be included, which is a must-have or this practice.  With that in mind - may be leaning toward Symantec.  As well, based on  your recommendation, I plan to lab test and do proof of concept, prior to rollout.  Many thanks -
bbaoIT ConsultantCommented:
> It appears there may not be a 'perfect' solution with the encryption products.

nothing is perfect, for everything. :-))

> I plan to lab test and do proof of concept, prior to rollout.

definitely it is the right approach.

good luck,
bbao
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.