Making security easy

The more the federal government relies on information technology to run internal operations and deal with citizens, the hotter the issue of network security becomes.

"Federal agencies continue to get hit by hackers. There's no [chief information officer] in town who's not worried, concerned and constantly figuring out how to protect his systems," said Joe Leo, cor.porate vice president of Science Applications International Corp. and former CIO of the Agriculture Department.

Enter Sigaba Corp., a San Mateo, Calif.-based start-up that has two important ingredients to make its presence felt in the federal IT market: a simple and powerful e-mail-based security product and investors who have a track record of picking winners in the federal IT arena.

SigabaSecure, the company's software, encrypts and decrypts e-mail messages automatically, without the need for user registration or access to a public-key infrastructure.

While the General Services Administration is overseeing the development of federal PKI efforts to enable secure electronic transactions, Congress has expressed concern about deploying a PKI system throughout the government because it is expensive and cumbersome to use, according to sources. To send or receive e-mail securely in a PKI system, a user has to have one unique mathematical key to "sign" messages and another key to encode or decode the message itself. These keys reside on the user's hard drive, meaning the user can't send secure e-mail from another computer.

Sigaba's system, on the other hand, works with any widely used e-mail program and on any computer with an Internet connection. It is interoperable with a PKI system, but requires no key. "We decided that whatever we designed had to be brain-dead easy," said Jahan Moreh, Sigaba's chief security architect and a former researcher at AT&T Bell Laboratories. "People who use e-mail regularly aren't techno-weenies. They don't want to struggle with their messages."

Sigaba authenticates both senders and receivers of its encrypted e-mail by requiring that they have valid passwords to their e-mail accounts. The system also allows senders to control when the key to encrypted mail is released and how long the key is available. In addition, "with Sigaba's system you don't need the scale you need with PKI, so you can use Sigaba with a much smaller user base and it's still economical," said an IT expert who asked not to be identified.

At just 2 years old, Sigaba might have about the same chance of gaining recognition in the crowded federal IT market as most other security companies.

But the company has more going for it: It boasts a high-profile roster of executives and investors. Chief executive officer and chairman Robert Cook founded several successful high-tech ventures, including WebMethods Inc., a maker of systems integration software. And major investors include Dan Young, former CEO of Federal Data Corp., a systems integrator and software solutions provider purchased last year by Northrop Grumman Corp.; John Toups, former president and CEO of IT and engineering consulting firm Planning Research Corp., now a subsidiary of Litton Industries Inc.; Sudhakar Shenoy, former CEO and president of Information Management Consultants Inc.; and Tom Hewitt, founder of federal market consulting firm Federal Sources Inc.

"I believe the winner in e-mail security will be the first person who comes up with a solution that's affordable, easy to install and manage, interoperable and easy to use. If you don't have those points, people will defeat the system," Hewitt said.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.