TRENDS & TECHNOLOGIES that affect the way government does IT
- By Brad Grimes
- Jul 12, 2006
'Current policies and procedures don't eliminate employees as the weakest security link,' said Mike Smith, co-founder of Liquid Machines Inc.
of Waltham, Mass. Smith, a professor at Harvard University with a Ph.D. in electrical engineering, was talking to a group of agency and industry professionals last month at a time when that Veterans Affairs Department laptop was still MIA.
'But security technologies are often intrusive,' he continued. 'And they take a static, all-or-nothing approach. Firewalls, access control, content filters'they say you can have the data or not.'
What Smith and Liquid Machines advocate (and, not coincidentally, sell) is enterprise rights management software. Liquid Machines' ERM platform
, and products such as Adobe LiveCycle and Microsoft Rights Management Services regulate what users can do with a variety of data sources, from printing, to copying, to saving.
Liquid Machines has several products, but we checked out its Document Control
software. Document Control requires a client program and a policy server (it can be Liquid Machines' or Microsoft's). It puts a Policy Droplet on the PC that integrates with more than 65 applications (Office, Acrobat, Visio, etc.) and shows up as a tiny box in the corner of the screen. The box displays whatever security policy the enterprise has assigned to that document. The beauty is, the policy protection follows the data. If you copy and paste part of a secure Word document into a new Word document, the security policy is automatically applied to the new document. We also saw what happens if you copy into a nonsupported application. When doing a copy/paste into Notepad, we got an error message that read 'The data on the clipboard is protected.' Same thing happens when you do a 'Save As' or try to print a section of a document. We were impressed.
Also important is the software's ability to assign offline rights, so security travels with the document. After a defined amount of time, the user of some information would have to log back into the network and 'renew his offline lease,' as CTO Arny Epstein described it.
The policy server logs all unauthorized actions, and agencies will definitely want to master the software's fairly powerful tools for mass definition of policies (who wants to go through all their agency's files and assign policies?). For now, Liquid Machines software only works with Windows, but Epstein said they could do Linux and Mac versions (no word on whether they would). And Liquid Machines is exploring ways to support Adobe's ERM platform.For more IT trends and analysis, visit the GCN.com Tech Blog at www.gcn.com/blogs/tech.