Defence, government and corporate data security specialist Berkeley IT has launched itself headlong into the workplace collaboration market for sensitive agencies.
The veteran local tech security provider has started pitching its Enterprise Security Services Platform (ESSP) as a milspec solution to add “unprecedented levels of information and access security to the collaborative functionality of [Microsoft’s] SharePoint” application.
The push comes as government agencies necessarily look to fine-tune their systems in the wake of insider scandals and compromises like the notorious Bradley Manning incident.
Berkeley IT bills the new product’s core value proposition as tackling two key issues faced by information security managers: “insider leaks and managing data classification and enforcement.”
It’s main point of difference is established local working knowledge of Australia’s defence and government security requirements, although it remains predictably taciturn about specific recent deployments. (Although the video has some clues.)
“ESSP simplifies an organisation’s SharePoint site so that documents are grouped based on their functional purpose rather than their level of sensitivity, making the implementation of complex access rights management processes much easier,” Berkeley says.
Some of the features it’s pushing include the elimination of “Lone Zones”, automatic notifications upon access or attempted access of access assigned data and in-built expiry of individual permissions.
“As recent high profile data breaches such as the insider trading rorts based on ABS data or Bradley Manning’s sharing of official US secrets have shown, the biggest threat to data sovereignty is often from rogue individuals from within the organisation who have authorised access,” Berkeley’s General Manager, Business Development, Scott Marshall said.
It also features a lockout for nosy IT administrators through self-administered access rights management.
In terms of compliance and certification, Berkeley says ESSP provides “out-of-the-box compliance with the Australian Government Security Classification System (AGSCS) but it can also be easily customised to achieve alignment with alternative information governance frameworks.”