Merrill Turns to Verisign for Network Security

With the threat of network intrusion attacks on the rise, financial services powerhouse Merrill Lynch is turning to security software company Verisign to manage hundreds of its network security devices worldwide.

Financial terms of the outsourcing deal were not released.

Verisign, based in Mountain View, Calif., has made a name for itself in providing security measures for digital commerce. The multi-year deal with Merrill Lynch gives the company a major foothold in the lucrative market for providing managed security services.

The decision by Merrill to outsource its security management comes amid a general trend among major enterprises to embrace risk assessment proactively rather than sitting back and reacting to intrusion by attackers. Instead of in-house IT administrators managing and reacting to attacks, the brokerage firm’s plan is to turn the reins over to Verisign and take advantage of the sophisticated data coming from a managed security services provider.

Verisign already has partnerships in place with companies like IBM , Microsoft and RSA Security that allow for the monitoring of security threats on a wider scale.

For Merrill Lynch, the deal also helps to beef up its systems to deal with the threat of identity theft of its customer data. “This agreement continues that tradition and sets a new precedent for data protection in financial services,” said David Bauer, chief information security and privacy officer for Merrill Lynch.

He said the company chose Verisign for the managed security contract because of its superior event correlation tools, service level agreements and security engineers. Specifically, Verisign will provide monitoring, network intelligence, and management services for Merrill’s IT infrastructure worldwide.

“Managed security services help mitigate risk and optimize resources,” Verisign CEO Stratton Sclavos said, boasting of the company’s ability to identify network security trends with “unmatched accuracy and timeliness.”

“This first alert capability is incredibly important to our customers because it enables them to take proactive measures against potential security threats,” Sclavos said, nothing that the Merrill Lynch pact will serve as the “cornerstone” for Verisign’s Managed Security solutions unit.

Verisign, which also runs the .COM and .NET domain name registries, provides security tools for the majority of e-commerce transactions. Its portfolio includes managed services for firewalls, intrusion detection, virtual private networks (VPNs), and authentication.