OpenSecurity: The Open Source Solution for Increasing Your Organisation's IT-Security

Protection of personal and sensitive data finally came to the centre of attention when numerous internal and secret documents attesting the extent of surveillance practices by the United States National Security Agency (NSA) as well as the rest of the worldwide data espionage community were published. OpenSecurity offers its stakeholders not only a tool to impede data transfer, but at the same time builds a barrier for employees, which prevents them from sharing data deliberately and protects them from sharing data unintentionally and unknowingly (e.g. by means of malware infected USB-sticks, malware, insecure internet usage, or loss or theft of insecure media).

OpenSecurity points out that not all personal data and its interconnections should be freely accessible. Sensitive data as well as inferences from that data related to individuals and their preferences, characteristics, etc. must be safeguarded.

Both the results of the survey and the interviews, which have been conducted with IT-experts from the Linz City Administration and the Austrian Federal Ministry of Internal Affairs in the context of OpenSecurity, suggest distinctly that security aspects of IT-infrastructure in the public sector have gained momentum during the last years. We can assume that the situation is very similar in other public authorities and agencies – provided that those are of a similar size. In addition to the federal agencies (e.g. ministries, courts) and the state institutions (e.g. federal governments, regional courts, and state police departments), the regional administrative authorities and magistrates of bigger cities can be considered as potential prospects as well. Moreover OpenSecurity can be employed in public institutions like universities, museums or libraries. OpenSecurity can be adapted to the needs of larger NGOs/NPOs or commercial enterprises as well.

The software solution has the potential to expand to at least the German-speaking market. To introduce OpenSecurity to the international market the consortium plans to pursue the project on an EU level. The aim is to create a unified EU-standard for the public area as well as for offices and authorities.

Some features of OpenSecurity, which have an impact on the development of its potential, relate to its Open Source based approach.

• Market situation: OpenSecurity is a valuable alternative to other currently available IT-security solutions, e.g. safe-browsing solutions like Bitbox (Sirrix), SurfCanister (Quick Heal Technologies), or Sandboxie (Sandboxie Holdings).
• Implementation: OpenSecurity makes an unobtrusive integration into existing infrastructures possible. Smooth transfer and migration of single use cases on a large scale is possible during on-going operations. The administrative effort for migrating to OpenSecurity, or for a first installation of the Open Source solution is not more laborious than the change to a similar proprietary product.
• Economical benefits: The software is available Open Source and can be downloaded for free from the website. The public sector can profit from savings mainly related to no licensing fees and low costs for further development. OpenSecurity can be fully integrated with existing IT-structures independently from the operating system, and can be adapted to existing usability and accustomed workflows. This means that for training only low or no costs can be expected.