April 15, 2003, 10:20 AM — Computer Associates International Inc. (CA) threw its hat into the ring of companies and industry organizations that are advocating security open standards and best practices on Monday.
In a press conference at the RSA Conference in San Francisco, the Islandia, New York, company unveiled the Open Security Exchange, a collaborative group advocating best practices and vendor-neutral specifications for integrating physical and IT security policies for enterprises.
Calling security "a major problem" for companies that involves both physical and network access, Russell Artzt, vice president of the eTrust Security Brand at CA, said that it was important for organizations to be able to understand security management.
The Open Security Exchange (OSE) will be an open forum for facilitating collaboration across industries and provide customers with a unified view of security management best practices, according to Artzt.
Joining Artzt on stage at RSA were representatives of five companies from the public and private security communities that are joining CA as founding members of the OSE, including Pinkerton Consulting & Investigations, part of Securitas AB, Tyco International Ltd., ASSA ABLOY AB, secure card maker Gemplus International SA and a special agent in the Electronic Crimes Task Force at the U.S. Secret Service.
Each representative spoke briefly to the assembled crowd about what their company brings to the new organization.
Don Lyman, vice president of Tyco Safety Products, said that his company had an API (application programming interface) that could tie access control systems to digital video, fire or burglary systems, as well as human resources and time-and-attendance software systems.
Lyman envisioned systems based on OSE standards that could limit not just which employees but how many and which groupings of users could occupy a server room at once.
Adding weight to the initiatives of the new group, CA made two additional announcements tied to OSE standards:
CA will be offering a security management command center that brings together security policies from different IT and physical security systems, according to Artzt.
In addition, the company formed an alliance with Pinkerton to tie Pinkerton's corporate security services to CA's eTrust enterprise security management technology, he said.
CA's eTrust 20/20 product will adhere to the OSE standards and use Pinkerton-developed security policies that can help administrators identify security threats in complex network environments, CA said in a statement.
The new standards will be freely available to the public, including CA's competition, from a new Web site set up for the OSE, according to Artzt.