CA forms unified security industry group

Anticipating a convergence between the markets of physical security and network security, Computer Associates International Inc., Islandia, N.Y., has started an industry group to foster interoperability between the solutions used in the two fields, the company announced this week. "This is good news" for government agencies, said Carol Kelly, vice president of government strategies for the IT industry research firm Meta Group Inc., Stamford, Conn. As agencies such as the Department of Homeland Security start to look for more security, "no one has really come forth to offer to link physical security with IT security," she said. Integrator BAE Systems Plc, Farnborough, U.K., has indicated that it will find uses for such links in its defense work. It has signed on to the group, called the Open Security Exchange, as a contributing member. "The Open Security Exchange delivers the industry's first practical guidelines for the complex systems integration required for truly holistic organizational security management," said Richard Schieffelin, BAE vice president for its U.S. National Systems Group.Security solutions that work together will allow security managers to get an integrated view of what is going on under their purviews, said John Sabo, business manager for Computer Associates' federal office. An agency can build a system that would not allow an employee's account to be logged into from an office computer unless that employee had signed into the building first. Although the solutions offered by many physical access solution providers run on commercial computer equipment, they are not designed to interoperate with the network security equipment that identifies users online, Sabo said. The group's goal is to build a framework that would allow vendors to build interfaces that allow interoperability, he said. The initial draft of the technical specifications is available at: http://www.opensecurityexchange.com/downloads/tech_spec.htm.Founding members of the Open Security Exchange are Computer Associates; smart card solution provider Gemplus International SA, Senningerberg, Luxembourg; access control reader provider HID Corp., Irvine, Calif.; and integrated physical security management system provider Software House Inc., a division of Tyco Fire and Security Services, Boca Raton, Fla.In addition to the industry group, Computer Associates also announced it has formed a partnership with security services firm Pinkerton Consulting and Investigations Inc., Charlotte, N.C., to broaden marketing coverage of the unified security space for both companies. Kelly said the Meta Group has studied the size of the combined market for physical and IT security. She said in the coming years, agencies would see more security officers elevated to executive levels. Privacy concerns around homeland security or the guidelines involving the Health Insurance Portability and Accountability Act may result in lawsuits, forcing more executive-level accountability of security issues, Kelly said.