Three of the biggest names in high tech are buddying up to improve the security of IT systems for government agencies.
Microsoft, EMC and Cisco Systems are partnering to facilitate the sharing and protection of sensitive government information.
The move is a response to the events of 9/11, Hurricane Katrina as well as the raft of data breaches floating around government agencies and other sectors in the last few years.
The Secure Information Sharing Architecture (SISA) Alliance, which also includes Liquid Machines, Swan Island Networks and Titus Labs, aims to develop IT architectures that permit only authorized personnel access to specific information while easing the management of shared, protected information across trusted communities.
The (SISA) technology would allow government agencies to better communicate while protecting content from being lost or stolen, the companies said.
“While government is attempting to break down the barriers between organizations to enable information-sharing, it is also struggling with numerous high-profile data loss incidents,” said Steve Cooper, former chief information officer for the U.S. Department of Homeland Security.
“Breaking down barriers between government and partner organizations will require better confidence in the ability to keep information in the hands of only the appropriate users,” he added.
One of the biggest security breaches occurred when a laptop containing the personal information of more than 26 million war veterans was stolen from a Department of Veteran Affairs employee’s home last year.
SISA is designed so that only authorized personnel can access and share information.
The alliance’s offerings focus on combining existing applications, information infrastructure and networking technologies to help protect customers’ IT investments.
Whereas in the past Cisco, EMC and Microsoft had each been viewing the needs of government customers through the lens of their own products, the growing need for simultaneous protection and sharing prompted them "to come together and look at this in a holistic way.
Eric Rosenkranz, industry manager for e-government at Microsoft, said one of the drivers of SISA is that the government needs to communicate horizontally across different agencies and jurisdictional boundaries much more effectively.
“Protecting sensitive information and sharing information are two goals that are in conflict,” Rosenkranz stated. “We believe that no single company, government organization or even government can solve two opposing requirements on their own.”
One hypothetical application of the architecture, for example, would allow public health officials to monitor confidential data on pandemics found in different government agencies and private sector databases, giving them the ability to coordinate response efforts with both government and private sector partners.
Four service configurations have been created under the SISA banner, Rosenkranz said.
The access protection service ensures that devices are healthy and situated in a virtual network; the content protection service protects all documents or files; and the data-protection service to protect data at rest in a storage area network (SAN).
The fourth service is called Watchdog, an intelligent auditing and intrusion-detection technology to scan for bad user behavior.
Each partner is contributing capabilities according to its’ own strengths.
Cisco provides network protection, security-enhanced virtualized network links, and data protection; EMC’s networked storage systems, information management and security software provide a flexible information infrastructure; and Microsoft provides identity management, client and network operating systems, and a collaboration framework that helps keep content in the hands of authorized users.
Meanwhile, Liquid Machines is contributing content-protection capabilities that extend the Microsoft digital rights management technology; Swan Island Networks designs and operates sensitive information-sharing systems; and Titus Labs offers information labeling and classification.
“The architecture itself is a set of optimized configuration settings to get our products to work together to accomplish the simultaneous goals of protection and sharing,” Rosenkranz added. “We believe that we can help take products that have already been deployed and use them together in new ways.”
Delivery will be via systems integrators trained through a three-tier certification program, so that SISA customers can select from a range of delivery providers.
ISA is managed by Addx Corp., which established the SISA Joint Program Office to manage both the solution architecture and the systems integrator certification process.
By providing a consistent architecture across groups, the SISA Alliance will save time and money and make it easier to share information, she explained.
Also significant is the way the alliance was formed, said Judith Carr, vice president for public sector governance and sourcing at IDC.
“Industry giants who do not normally partner have come together to create this,” she said. “That is remarkable in itself.”