Some members of the new team came from acquired companies; others had been Mr. Thompson’s colleagues at IBM. But in many cases, Symantec’s key executives were senior people, like Ms. Hamilton, the former Compaq executive, who were recruited from market leaders. “John went out and got high-priced talented leadership and positioned them throughout the company,” says Greg Myers, one of the two remaining members of the old team.
Mr. Thompson also changed the compensation system. As a typical young aggressive technology company, Axent had based a large percentage of its compensation on stock options, which were allocated according to rank and performance. Because Symantec’s shares had long underperformed those of other Silicon Valley companies, it had compensated employees with higher-than-typical salaries, and perks, like BMWs. One of the ways the company aligned internal processes with the new strategy was to shift to a more incentive-based compensation structure.
“As a method for attracting and retaining talent, the prior leadership had used salary and cash compensation a little above the norm,” Mr. Thompson says. “As such, they had more assured compensation rather than risk-based compensation, higher than I expected for a team in a high-tech arena. Option grants were not related to the performance of an individual; it was more socialistic where everybody gets the same. So we lowered the base rate, but accelerated the growth rate.” Now employees get far fewer options to start, but gain many more, and more rapidly, if they exceed performance expectations. Option grants are also more heavily weighted to senior management than was previously the case at Symantec.
Mr. Thompson, no fan of distributed management, was quick to address organizational issues. At a time when many companies are implementing a “centerless” corporation organizational model, which is based on minimizing overhead and hierarchy while pushing critical decision rights to the periphery, Symantec has pulled those responsibilities back to corporate headquarters. Mr. Thompson blames the old structure, in which regions and business units each determined their own policies, for much of the old company’s lack of focus.
Centralized decision making means Symantec now has fewer meetings, with fewer people attending. “We used to have this monthly meeting with all the executive staff; everybody would show up in Cupertino from all over the world,” Mr. Thompson says. “We’d talk about issues and then people would go away and do whatever they wanted to do.”
“Strategic decisions are corporate decisions, not regional,” Mr. Thompson says. “It was time for some of our regional leaders to accept that they were part of a team rather than feudal lords.”
Mr. Thompson is also a bit of a contrarian when it comes to product strategy. Although individual PC users (and corporations buying PCs for employees) have largely given up buying a word-processor program from WordPerfect, a spreadsheet from Lotus, and a database from Ashton-Tate in favor of Microsoft’s all-in-one Office suite, enterprise customers select business-process software mostly by clinging to a best-of-breed approach. That is, corporations often buy what they perceive is the best application in each category, and let their internal information technology staffs integrate them. For example, they continue to buy human resource management software from PeopleSoft Inc., or CRM software from Siebel Systems Inc. and ERP products from SAP AG, rather than buying Oracle’s E-Business Suite. Symantec itself buys business applications in this way.
Security software has been purchased the same way. According to the International Data Corporation (IDC), security software includes security management, access control, authentication, virus protection, encryption, intrusion detection, vulnerability assessment, and perimeter defense. Symantec provides virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies, and managed security services.