Betting on the next wave of cyber-security

August 26, 2011
FedCyber Wire, Solution Providers
No Comment

via DoD Buzz

Dubbed “O3,” or “ozone,” — because it’s a protective layer, get it? — Symantec wants to sell the feds new software that will link users’ identities with the stuff they’re permitted to access, but independent of specific hardware or applications. So if you work for DoD, let’s say, but you hate your government laptop and its email client, O3 would know the Hotmail identity you use instead and permit you to handle your messages and documents. Unlike a Virtual Private Network, which requires special software on your local machine to connect with a host, you’d use a web client to sign into O3, which would then let you access email, shared files or other stuff online from anywhere. Having a single account for every user — no matter how many third-party accounts they use for email, file sharing, databases or whatever — will make it much easier to keep networks secure, company officials say. And when an employee quits, it’s just a matter of eliminating their single ID, rather than having to try to trace back through the various services and logins they may have been using to do their job.

“Identity management is a big issue,” said Jennifer Nowell, director of Symantec’s government solutions group. Government IT types are constantly complaining about their lack of control in this area, which can lead to cyber-bugs getting into official networks and sensitive information getting out.

The company is still working on its O3 concept, with the goal of rolling it out at some point over the next year, said Rob Koeten, “ozone’s” chief architect. So are the feds interested? Nowell and other company officials said they believe it’ll scratch a security itch that defense and other government customers can’t resist, given that it’ll make it safer to begin using more cloud services. Government agencies and corporations already are a patchwork of semi-official cloud arrangements, Koeten said, as HR departments or sales teams do their own deals to use online services, sometimes without clearing them with their own IT departments.

Full article here.