VA gets dose of Web security

The Veterans Affairs Department has tapped Merlin International Inc. to bolster its Internet security.

Denver-based Merlin will implement and maintain a Web-based security system to reduce risks associated with handling of VA information under a one-year, $2 million contract, Eryka Jackson, a company spokeswoman, said.

Merlin will partner with Watchfire Inc., Waltham, Mass., to deliver a solution to let VA officials monitor and report on the security of specific Web-based applications in real time. The centralized security solution will handle security scanning, user-access controls, remediation and compliance reporting. The solution also will feature executive dashboards for high-level views of the security solution's effectiveness.

Merlin, an IT solutions and services company, will manage the training and maintenance that will be done as part of the implementation. Watchfire, a software security firm, will provide its AppScan Web-based security solution.

The two companies also announced a partnership agreement that will allow Merlin to sell the security solution through its General Services Administration and Federal Supply Services Schedules, the company said.

A VA employee went against department regulations and took home a notebook PC in May, which subsequently was stolen.

More than 26 million veterans in May feared their personal information had been jeopardized in May when a VA employee went against department regulations and took home a notebook PC. The notebook, which subsequently was stolen, contained Social Security numbers and birthdays for more than 26 million veterans. It was recovered later, and the data was determined not to have been accessed, according to a VA statement.

Ethan Butterfield is a staff writer for Government Computer News' sister publication, Washington Technology.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.