When you think about all the money that is spent on securing our IT systems, you can’t help but wonder if there is a better way.
The reason that most security issues exist is because the operating systems and processors they run on were not built from the ground up to address security concerns. The end result has been a host of security solutions that not only have to be paid for when acquired, but also actively managed.
One company that thinks it has come up with a substantially better approach to security is Integrity Global Security, which makes a secure EAL6+ operating system that was originally designed for embedded systems. Thanks to the advent of hypervisors used in virtual machine software, the Integrity operating system can run Windows applications that are isolated from the underlying hardware.
This approach has not gone unnoticed by companies such as Dell, which recently agreed to resell the Integrity operating system to government agencies that do a lot of work with classified information.
But if the Integrity operating system, which makes use of a lightweight kernel to create what the company calls a Secure Separation Architecture, can be used for classified systems, why not apply it more broadly? Michael Liacko, executive vice president for Integrity Global Security, is hoping that’s exactly what will happen, especially with virtualization on desktops running more powerful processors than ever.
The challenge, says Liacko, is getting everybody to understand what’s possible in securing the client, versus thinking about security as a set of products and services you buy to compensate for the fact that the rest of the IT infrastructure is so fundamentally insecure.