Microsoft, Cisco, EMC Do Government Security


Three of the biggest names in high tech are buddying up to improve the
security of IT systems for government agencies.


Microsoft , Cisco Systems  and EMC  have created service configurations under the Secure Information Sharing Architecture (SISA), which is designed to protect and share sensitive government information.


The move is a response to the events of 9/11, Hurricane Katrina as well as
the raft of data breaches floating around government agencies and other
sectors in the last few years.


One of the biggest security breaches occurred when a laptop containing the
personal information of more than 26 million war veterans was stolen
from a Department of Veteran Affairs employee’s home last year.


SISA is designed so that only authorized personnel can access and
share information.


Eric Rosenkranz, industry manager for e-government at Microsoft, said one of
the drivers of SISA is that the government needs to communicate horizontally
across different agencies and jurisdictional boundaries much more
effectively.


“Protecting sensitive information and sharing information are two goals that
are in conflict,” Rosenkranz told
internetnews.com. “We believe that no single company, government
organization or even government can solve two opposing requirements on their
own.”


While traditional information protection technologies tend to wall off data
in separate islands, SISA allows government agencies to set up virtual
networks for authorized users to access sensitive files stored in different
computer systems.


For example, SISA systems could eventually allow public health officials to
monitor confidential data on diseases found in different government agencies
and private-sector databases.


Four service configurations have been created under the SISA banner,
Rosenkranz said.


The access protection service ensures that devices are healthy and situated
in a virtual network; the content protection service protects all documents
or files; and the data-protection service to protect data at rest in a
storage area network (SAN) .


The fourth service is called Watchdog, an intelligent auditing and intrusion-detection technology to scan for bad user behavior.


With regard to the technology, Microsoft is applying its identity
management, client and network operating software along with a collaboration
framework that helps keep content in the hands of authorized users.


Cisco provides network protection via secure network links and data-protection features for sharing sensitive information across the network.
EMC’s contribution includes its storage systems and information management
and security software.


Microsoft, Cisco and EMC may be leading the SISA charge, but they’re not
doing it alone.


The SISA Alliance also includes Liquid Machines and Titus Labs, which boosts
Microsoft’s digital rights management technology to improve content
protection in SISA, as well as Swan Island Networks, which enables
information sharing. Rosnekranz said he expects others will join the SISA
party over time.


SISA is managed by Addx Corp., which established the SISA Joint
Program Office to manage both the solution architecture and the systems
integrator certification process.

News Around the Web