SAN FRANCISCO, Feb. 25, 2004 — At a time when many of the technologies that make business-to-business collaboration and communication easier may also put businesses' sensitive information at greater risk of compromise, balancing strong information protection and security with flexible data-sharing practices is a more precarious tightrope act than ever.
It's a viewpoint shared by representatives of the Microsoft Security Business and Technology Unit (SBTU) and a number of the company's key software and services partners participating in RSA Conference 2004, the annual information security event taking place here this week. As threats to IT security and intellectual property rights grow more sophisticated, they say, so does the value and importance of strong partnerships in the security arena.
"Customers have told us that they need integrated solutions to address the challenges they face in keeping their networks and computers secure," says Jonathan Perera, senior director of product management for the Microsoft SBTU. "In addition to the investments we're making in technology innovation, it's important for Microsoft to support a broad-based IT security ecosystem to deliver more complete solutions for customers."
Today at the RSA Conference, more than 20 of these partners are announcing plans or unveiling new products, services and support offerings based around key Microsoft information protection and security technologies, such as Microsoft Windows Rights Management Services (RMS) and Microsoft Internet Security and Acceleration (ISA) Server. Microsoft Windows RMS is information protection technology that works with RMS-enabled applications, such as Microsoft Office 2003, to help safeguard digital information from unauthorized use. Through a combination of Windows Server 2003 features, developer tools, and industry security technologies -- including encryption, eXtensible rights Markup Language (XrML)-based certificates, and authentication --RMS enables an organization to enforce persistent rights-management policies that live with the information, no matter where it goes. Microsoft ISA Server provides such features as advanced application-layer firewall, virtual private network, and Web caching protection that help customers maximize existing IT investments by improving network security and performance.
In laying out key issues for Microsoft to address throughout its operations, Chief Executive Officer Steve Ballmer reminded company employees earlier this year that "we must do a better job from the start in understanding customer needs and delivering value based on those needs." Mike Nash, corporate vice president of the Microsoft SBTU, echoes Ballmer's thoughts in assessing the value that Microsoft's security partners contribute. "Partners play a significant role in adding value to customers for technologies such as Windows RMS and ISA Server," says Nash.
Information Protection-to-Go: Document-level Rights Management that Stays with the Data
Lexington, Mass.-based data security software provider Liquid Machines Inc. is launching new functionality within its information security management software platform that extends Microsoft Windows RMS protection beyond Office 2003 to other popular applications, such as Adobe Acrobat, AutoCAD, Documentum, SAP, PeopleSoft and Siebel CRM. "Our software can rapidly and efficiently enable the rest of a company's application infrastructure to be compatible with Windows RMS and Office 2003, right out of the box," says Jim Schoonmaker, the company's chief executive officer. Liquid Machines also provides added support for controlling, tracking and auditing electronic documents generated in these RMS-enabled applications throughout the life cycle of the information.
Schoonmaker says many companies today need to be able to seamlessly allow sensitive data or intellectual property to move beyond an organization's own network and bypass traditional network-based security protections -- whether it's carried in miniaturized storage devices that fit on a key ring, or over wireless pathways and instant messaging sessions. This means that information protection needs to be both portable and persistent. "The pressure to streamline communications with business partners and make their operations more transparent to regulators is driving businesses to send more and more sensitive information outside their walls, where it's harder to protect and control," he adds.
From their complementary technologies to their common vision of protecting data at the document level, Schoonmaker believes Liquid Machines and Microsoft can address many customers' demands in the rights management arena.
"We've been hearing the same thing from our customers and industry analysts as well: 'If Microsoft and Liquid Machines could figure out how to interoperate and support one another, we'd have the information protection solution that we all need,'" he says. "The combination of Microsoft's rights management platform, which works so effectively and is a standard that people can believe in, with Liquid Machines' ability to accelerate the transition to the Windows Rights Management Services technology, represents a fairly groundbreaking event."
Michael Atalla, business development manager in the Microsoft SBTU, agrees. "Liquid Machines' unique approach to rapidly deploying Rights Management Services protection throughout an enterprise is going to help solve a number of key information protection challenges that our customers face," he says. "As such, Liquid Machines is an invaluable partner for Microsoft in this market. The real heart of this relationship is that our technologies are simply better together."
Policy Enforcement as a Service Brings Enterprise Rights Management to Smaller Organizations
With its new line of content security applications that employ Windows RMS technology in a managed service, Herndon, Va.-based software provider GigaTrust is another industry partner that delivers a unique value to the companies' mutual customers, says Atalla. "As the first company to step forward with managed services around Windows RMS, GigaTrust is opening this technology to smaller organizations and work groups within larger organizations that need a rapid and cost-effective means of exchanging secure content," he says.
GigaTrust for Email and GigaTrust for Web Servers are products that provide a hosted environment in which customers can publish and exchange rights-protected information with external audiences without the need to install and manage Windows RMS technology on their own servers.
"Microsoft's Windows RMS platform allows us to embed this technology in our existing content security applications and provide a managed infrastructure that makes it simple and affordable for companies to enforce their own specific information-protection policies on inter-company communications," says Glen Gulyas, GigaTrust president and chief operating officer. "We aim to be the trust broker between businesses and raise their level of confidence in sharing valuable information outside the confines of their enterprise."
GigaTrust's ability to provide document-specific rights management protection as a hosted service would be difficult to even imagine without Windows RMS technology involved, says Gulyas.
"When it comes down to somebody in one company being able to communicate with a person in another company, neither side wants to quibble about what kind of software the other party might be running. For this to work, you need a standard like Windows RMS that has the potential to become very widely used," he says. "The base requirements for utilizing Windows RMS are pretty minimal and cover a huge number of organizations in the market, which I think will give companies added confidence in adopting this platform."
Gulyas says being part of the Microsoft partner ecosystem also opens many other doors for GigaTrust. "Nearly all of Microsoft's software business runs through the partner channel in some capacity, and Microsoft makes it very easy for partners to maximize customer sales opportunities at a low cost," he says. "For a small company like ours, that's priceless."
RMS 101: Training Offerings Teach Companies Best Practices for Information Protection
Helping organizations better understand how they can make Windows RMS comprehensively support their specific document policies and requirements is the central objective of a new four-day training program that Titus International Inc. will present for the first time March 31. Based in Ottowa, Canada, Titus is a Microsoft Gold Certified Partner for Security Solutions that specializes in consulting and training for security, identity and systems management technologies.
"We've been keenly interested in developing this hands-on 'boot camp' training course around Windows RMS because there's no other widely accepted technology in the market today that can do what this product does in terms of persistently protecting documents and e-mails across organizational boundaries," says Titus founder and President Tim Upton.
"Companies we've worked with over the years have traveled a rough road toward the promise of being able to effectively encrypt and protect documents," says Upton. "Windows RMS is fulfilling that promise and a whole lot more."
Titus instructors will combine lectures with hands-on exercises to help prepare course participants to install, configure and maintain Windows RMS in tandem with desktop applications such as Microsoft Office 2003. The instructors are all Titus professional implementation consultants, so attendees will learn from someone with real-world experience in deploying security for a Microsoft environment, says Upton. "This also makes our consultants better at their jobs, because they have to become well-versed at not only working with the technology but also making it understandable to business users."
As one of the earliest Microsoft infrastructure services partners, Titus has greatly benefited from the company's support over the past 10 years, he adds. "Microsoft builds great software, but then gives firms like Titus a broad spectrum of opportunities to provide added value for customers through systems integration and training."
Says Microsoft's Atalla, "The tremendous investment by Titus to create the first Windows RMS-specific training course reflects how indispensable our industry partners are in fulfilling the promise of secure and trustworthy computing for our customers."
Working to Provide Additional Defenses on ISA Server
Many third-party companies also are recognizing the value of Microsoft ISA Server 2004 and announcing their support of the product, which is currently in beta testing.
From Internet worm and virus attacks to barrages of spam e-mail, enterprise IT administrators face increasingly complex assaults on their systems that demand increasingly sophisticated defenses. Elizabeth Hernandez, product marketing manager for McAfee System Protections Group at Network Associates, says that customers require a broad array of protections through a single solution, rather than deploying disparate software for each type of threat.
That's the driving force behind McAfee SecurityShield for Microsoft ISA Server. Currently in beta testing and set for general release by Network Associates early this spring, McAfee SecurityShield for ISA Server delivers anti-virus protection, virus outbreak management, content scanning and the option to add anti-spam filtering tools. "It will provide multiple levels of protection for all access points to ISA Server, bolstering perimeter defenses," says Hernandez.
The upcoming Security Shield product is designed to run with Microsoft ISA Server 2004, which also is currently in beta testing, as well as Microsoft ISA Server 2000. The standard edition of ISA Server 2004 is scheduled for release in the middle of this year.
"The high priority that Microsoft places on security, and the company's commitment to supporting industry partners' innovations in security, make Microsoft an exceptional partner for us," says Hernandez. Since 95 percent of McAfee customers operate on Microsoft platforms, she adds, "it's in the best interests of both organizations to make our security tools as complementary as possible."
The broad features and design of McAfee Security Shield demonstrate that Network Associates and Microsoft share a focus on customers, says David Gardner, Microsoft business development manager in the Microsoft SBTU. "The new Security Shield technology will be a great addition to the third-party software available for ISA Server customers," he adds.
The sheer diversity of products and services that Microsoft partners have introduced in support of ISA Server and Windows RMS at this week's RSA Conference demonstrates the maturity of these technologies, says Perera.
"More and more Microsoft partners and customers are finding value in Windows RMS and ISA Server as foundations for building stronger, easily manageable protection around a growing array of data and applications," he says. "It also shows how sharply the overall technology industry remains focused on security as a crucial area of innovation, both now and in years to come."