Symantec, the software and security company best known for its Norton internet security and antivirus software, released its Corporate Social Responsibility (CSR) report on Monday.
For the uninitiated, CSR reports put a company’s social and environmental objectives, not just their profit and revenue outlook, on the record. They are meant to encourage all businesses, no matter their size, to act in a people and planet friendly manner. In Europe, companies are required to report on such issues but not so in the U.S. Symantec began CSR reporting voluntarily in 2008.
The company’s latest environmental goals include: reduction of CO2 emissions company-wide by 15% by the end of fiscal year 2012, using 2008 as a baseline; and meeting LEED certification for existing, and new buildings, especially data centers. LEED certifications were developed by the U.S. Green Building Council (USGBC).
With all these plans, is Symantec now a green technology company? Nah. It does offer an enterprise product, Altiris, that Symantec claims will “reduce energy and costs” for organizations that use it to manage their client PCs. Still, Symantec’s products focus on keeping people, systems and information safe, and their data safely stored. The company isn’t shifting its focus to solving the world’s energy and climate problems, just because it is doing more with its CSR report and policies.
Symantec didn’t do such a good job of growing without polluting in the past year, it admits in its fiscal year 2010 Performance Summary highlights:
“[A] global four percent increase in CO2 pounds per square foot… The key factor in this fiscal year Scope 2 greenhouse gas (GHG) increase is the expansion of our enterprise data center resulting from a change in our business strategy to include hosted and storage services.”
A partner and creative director at Methodologie in Seattle, Dale Hart, has been helping companies design annual and CSR reports in print and online for two decades. He checked out the latest from Symantec and offered praise and pointers. (Symantec was a Methodologie client about a decade ago, but has no current affiliation with the agency.)
First the good…
“Symantec has a button on their home page that leads to their CSR report. That’s great visibility. They also published testimonials from the president and chief executive, and from the chief of marketing about the company’s CSR report and related policies. That is something you don’t typically see from large, Fortune 500 type companies. Executive buy-in lets stakeholders know there’s discussion about sustainability issues from the top down. It indicates authenticity,” Hart said.
He also lauded Symantec for having an advisory board for environmental and social guidance, comprised of leaders from non-government (NGOs) and labor relations organizations, as well as ethical businesses.
Symantec reported against standards established by the Global Reporting Index, or GRI. The GRI helps companies figure out what content to include in a CSR report, what’s meaningful and measurable, and how they can make this information easily understandable to stakeholders in their business. It’s kind of a more worldly version of a 10-K, and Hart believes it is among the best ways to standardize CSR reporting.
Symantec’s director of corporate responsibility, Cecily Joseph, also discussed the merits of the GRI with TriplePundit this week.
Still, there was also something lacking in the company’s report, Hart said. He would like to see more U.S. tech firms, including Symantec, reveal more and more consistently about the way they deal with mercury and other toxins in the hardware and software they buy, use and produce. He’d also like tech businesses (and others) to disclose what they are doing with outsourcing partners, and in developing countries.
“Whether or not a company owns manufacturing facilities outside of the U.S., and especially if they do not own them, how do they enforce worker safety, fair labor and environmental best practices there? That should be more readily apparent,” said Hart.