RealTime IT News

Microsoft, Cisco, EMC Do Government Security

Three of the biggest names in high tech are buddying up to improve the security of IT systems for government agencies.

Microsoft , Cisco Systems  and EMC  have created service configurations under the Secure Information Sharing Architecture (SISA), which is designed to protect and share sensitive government information.

The move is a response to the events of 9/11, Hurricane Katrina as well as the raft of data breaches floating around government agencies and other sectors in the last few years.

One of the biggest security breaches occurred when a laptop containing the personal information of more than 26 million war veterans was stolen from a Department of Veteran Affairs employee's home last year.

SISA is designed so that only authorized personnel can access and share information.

Eric Rosenkranz, industry manager for e-government at Microsoft, said one of the drivers of SISA is that the government needs to communicate horizontally across different agencies and jurisdictional boundaries much more effectively.

"Protecting sensitive information and sharing information are two goals that are in conflict," Rosenkranz told internetnews.com. "We believe that no single company, government organization or even government can solve two opposing requirements on their own."

While traditional information protection technologies tend to wall off data in separate islands, SISA allows government agencies to set up virtual networks for authorized users to access sensitive files stored in different computer systems.

For example, SISA systems could eventually allow public health officials to monitor confidential data on diseases found in different government agencies and private-sector databases.

Four service configurations have been created under the SISA banner, Rosenkranz said.

The access protection service ensures that devices are healthy and situated in a virtual network; the content protection service protects all documents or files; and the data-protection service to protect data at rest in a storage area network (SAN) .

The fourth service is called Watchdog, an intelligent auditing and intrusion-detection technology to scan for bad user behavior.

With regard to the technology, Microsoft is applying its identity management, client and network operating software along with a collaboration framework that helps keep content in the hands of authorized users.

Cisco provides network protection via secure network links and data-protection features for sharing sensitive information across the network. EMC's contribution includes its storage systems and information management and security software.

Microsoft, Cisco and EMC may be leading the SISA charge, but they're not doing it alone.

The SISA Alliance also includes Liquid Machines and Titus Labs, which boosts Microsoft's digital rights management technology to improve content protection in SISA, as well as Swan Island Networks, which enables information sharing. Rosnekranz said he expects others will join the SISA party over time.

SISA is managed by Addx Corp., which established the SISA Joint Program Office to manage both the solution architecture and the systems integrator certification process.