CA Unveils Open Security Exchange

Called the Open Security Exchange, the initiative aims to integrate physical and IT security management, Russell Artzt, executive vice president for CA's eTrust Security brand, said here at the RSA Conference. The effort will provide a comprehensive, single view of enterprise security management, he said.

"Security hasn't been dealt with in the same way as network systems management. Security needs to be managed much better," Artzt said. "This really addresses a very critical area," he added.

CA announced the standards effort with other founding members of the Open Security Exchange: Gemplus, a provider of smart cards; HID, a maker of access-control readers and cards; and Tyco Fire & Security's Software House, a provider of physical security management systems. In addition, CA unveiled a partnership with Pinkerton Consulting and Investigations to collaborate on solutions that provide both IT and physical security.

Artzt described Open Security Exchange as an "open forum for providing collaboration" across industries, software and hardware vendors, and systems integrators. The group expects additional vendors to join the effort over the next few months and will continue to add to its best practices, he said.

"This group is taking very critical security issues to a new level," said Alex Mandl, CEO of Gemplus.

CA's previously announced Security Command Center, which provides centralized security management, and its eTrust 20/20 solution, which allows companies to integrate physical and IT security, both adhere to the best practices and specification of the Open Security Exchange, Artzt said.

The Open Security Exchange group's initial specifications are available at http://opensecurityexchange.com. The specs focus on common administration of users and their privileges plus common strong authentication for access to buildings and IT systems.