CA Brings Physical Security Principles To Networks
The announcement kicked off RSA Conference 2003 in San Francisco, one of the industry's foremost trade shows for the latest in security solutions. CA -- along with smart card maker Gemplus, access control reader developer HID and integrated security solutions provider Software House (a division of Tyco Fire & Security) -- launched Open Security Exchange, a collaborative group devoted to integrating open standards and best practices solutions from physical and network technologies.
"Security hasn't been dealt with the way things like network management have over the past 10 years," says Russell Artzt, executive vice president and co-founder of CA. "IT organizations know security needs to be managed much better, and this is about presenting a unified view of security management."
The initiative has provided its initial specs for physical and cybersecurity management convergence on the organization's Web site. These include guidelines for common administration, authentication and point of security management. "This program is taking very critical security issues to a new level at a lower cost," says Gemplus CEO Alex Mandl.
By developing a unified concept of security for an organization's premises and networks, the group hopes to use the well-established physical security guidelines to improve the nascent but growing network security concerns.
"This gives integrated security systems an unprecedented amount of control over the protection of a company's areas and people," says Don Lyman, vice president for Tyco Safety Products.
Open Security Exchange is working with organizations such as the Secret Service to address the problems of hackers, cyberterrorists and disgruntled employees in a more proactive way than before.
"I don't believe that law enforcement is equipped with the necessary financial and manpower resources. We aren't able to arrest our way out of this; we need a preventive IT solution," says Robert Rodriguez, special agent for the Secret Service Electronic Crimes Task Force.
In the second announcement, CA said it will partner with Pinkerton Consulting and Investigations, leveraging the 150-year-old company's security expertise to address such concerns as insider attacks, unlawful use of corporate assets and theft of intellectual property. "We're trying to work with clients to minimize risk by moving toward a proactive solution rather than continuing with episodic responses to events," says Pinkerton president Nazzareno Paciotti.
CA's Artzt says the company already has signed up Cisco and Check Point as partners and will continue to enlist more. In pushing this open standards plan, CA is trying to get quicker results than other standards initiatives that have been around for a while.
"Other security efforts in the government have been more talked about than done," says HIP president and CEO Joseph Grillo. "This program shows how open standards can be convenient and work, and help move that talk into action."