A new secure-collaboration tool might help plug a common source of sensitive information leaks: the unintentional release of data through an organization's documents. The software allows users to mark text for internal use only, automatically editing files shared with outside parties who do not have the proper clearance levels.
Information sharing is a vital part of modern business and government operations. But when draft memoranda and position papers are passed among departments and other agencies there is a possibility that internal communications and policies might be inadvertently revealed, either in the text itself or in comments or tracking changes.
The Secure Information Broker Appliance (SIBA) allows users to control what information they want to release when working on shared documents with other departments or organizations. Developed by BAE Systems and released in March, the software can edit documents in a granular manner by highlighting selected symbols, words, paragraphs, and sentences and marking them for external or internal use.
[License plates sometimes reveal security surprises. Read License Plate Recognition Technology Branches Out.]
Dissemination security remains an important consideration in military and intelligence organizations, where documents might be issued to personnel with varying access levels. "We have to live in this collaborative world, but we need to put some controls on how we share this information," says Peder Jungck, chief technology officer with BAE's Intelligence and Security business.
SIBA allows analysts at different intelligence agencies to share documents, but they can mark certain passages and comment trails for sharing only with individuals above a certain clearance level. BAE claims that any changes or comments made through the collaboration process are automatically included and updated in the document.
A major challenge facing government and commercial firms is securing sensitive documents and intellectual property, Jungck says. Although the Defense Department and the government are good at managing classified mission data, he notes that more can be done with less secure documents such as whitepapers and memoranda. According to BAE, most security leaks occur through these documents and their comment trails. "What you're seeing [with many leaks] is a Microsoft Word document that shouldn't have gotten out," Jungck says.
The tool works with major word processing and office software such as Microsoft Word and PowerPoint. SIBA also works with information-sharing platforms such as SharePoint by handing off information between different versions and presenting the redacted version to customers or outsiders, while collecting any additional comments/information an organization wishes to share in a collaborative setting. Future releases of SIBA will see additional coverage of information-sharing platforms such as hosted event and public cloud-based versions, possibly as a service, he says.
Jungck claims that SIBA is designed for intuitive use, overlaying and interoperating with commercial software. The application is built around BAE's STOP 7 secure operating system and the XTS Guard architecture, which is designed to provide secure information sharing. Developed to meet DOD security standards, both software sets are used by the military and intelligence communities. The DOD uses BAE's XTS Guard to protect information sharing in military cloud environments, BAE officials say.
Join us at GTEC, Canada's government technology event. More than 6,000 participants attend GTEC – Government Technology Exhibition And Conference each year to exchange ideas and advance the business of information and communications technology (ICT) in government. Don't miss thought-provoking keynotes, workshops, panels, seminars, and roundtable discussions on a comprehensive selection of ICT topics presented by leading public sector and industry experts. Register for GTEC with marketing code MPIWKGTEC and save $100 on entire event and conference passes or for a free expo pass. It happens Oct. 27 to 30 in Ottawa.Henry Kenyon is a contributing writer to InformationWeek Government. He has covered Government IT and Defense markets since 1999 for a variety of publications including Government Computer News, Federal Computer Week, AFCEA's Signal Magazine and AOL Government. View Full Bio