Merrill Turns to Verisign for Network Security

With the threat of network intrusion attacks on the rise, financial
services powerhouse Merrill Lynch is turning to security software company Verisign to manage hundreds of its network security devices worldwide.

Financial terms of the outsourcing deal were not released.

Verisign , based in Mountain View, Calif., has made a
name for itself in the securing of digital commerce and the multi-year deal
with Merrill Lynch gives the company a major foothold in the lucrative
market for providing managed security services.

The decision by Merrill to outsource its managed security comes on the
heels of a general trend among major enterprises to embrace risk assessment
in a proactive setting instead of sitting back and reacting to intrusion by
attackers. Instead of in-house IT administrators managing and reacting to
attacks, the brokerage firm’s plan is to turn the reins over to Verisign and
take advantage of the sophisticated data coming from a managed security
services provider.

Verisign already has partnerships in place with companies like IBM , Microsoft and RSA Security that allow for the
monitoring of security threats on a wider scale.

For Merrill Lynch, the deal also helps to beef up its systems to deal
with the threat of identity theft of its customer data. “This agreement
continues that tradition and sets a new precedent for data protection in
financial services,” said David Bauer, chief information security and
privacy officer for Merrill Lynch.

He said the company chose Verisign for the managed security contract
because of its superior event correlation tools, service level agreements
and security engineers. Specifically, Verisign will provide monitoring,
network intelligence, and management services for Merrill’s IT
infrastructure worldwide.

“Managed security services help mitigate risk and optimize resources,”
Verisign CEO Stratton Sclavos said, boasting of the company’s ability to
identify network security trends with “unmatched accuracy and
timeliness.”

“This first alert capability is incredibly important to our customers
because it enables them to take proactive measures against potential
security threats,” Sclavos said, nothing that the Merrill Lynch pact will
serve as the “cornerstone” for Verisign’s Managed Security solutions
unit.

Verisign, which also runs the .COM and .NET domain name registries,
provides security tools for the majority of e-commerce transactions. Its
portfolio includes managed services for firewalls, intrusion detection,
virtual private networks (VPNs), and authentication.