The Banking Industry Technology Secretariat has firmed up plans for its security laboratory, setting an opening date of July 28 in Reston, Va.
The lab, a joint undertaking with major technology companies, has been an often-stated priority of the organization known as BITS. A division of the Financial Services Roundtable, BITS advises top executives on technological and payment-infrastructure issues, and has been devoting much of its time of late to the hot buttons of security and privacy.
To be operated by Global Integrity Corp., a prominent security consulting firm, the Reston facility is designed to focus the efforts of technology companies in meeting standards set and maintained by the financial services industry.
Plans call for the lab to award seals of approval on such products and programs as computer operating systems and servers, browser software, personal computer applications such as home banking, anti-virus systems, firewalls, and enterprise security packages.
"The financial services industry takes security issues very seriously," said Financial Services Roundtable chairman Robert W. Gillespie, who is chairman and chief executive officer of KeyCorp in Cleveland. "Traditionally, security is the key to consumer confidence. The new BITS Financial Services Security Lab is a bold and important step to ensure comprehensive security in banking systems."
Edward E. Crutchfield, the chairman and CEO of First Union Corp. and chairman of BITS, said the lab "will help to sustain public confidence in the financial services industry's ability to prevent and respond to security-related incidents in electronic banking."
The lab is being established at what may be the beginning of a boom in the data security business, fueled by concerns about the safety of Internet transactions.
BITS sees security as a way for banks to extend their historical roles as "trusted agents," and in the process bring some order to the confusing array of security products and claims made by their vendors. BITS' lab will also join in a trend toward subjecting vendor offerings to rigorous third- party evaluations, in this case leading to a "BITS-Tested Mark." It is similar to the SETCo mark on software that complies with the MasterCard- Visa Secure Electronic Transaction protocol.
The SET process is managed by Tenth Mountain Systems Inc., which, like Global Integrity Corp., is a subsidiary of Science Applications International Corp. of San Diego.
William M. Randle, executive vice president of Huntington Bancshares in Columbus, Ohio, and a member of the advisory group serving the bank chairmen and CEOs on the BITS board, said the BITS security mark may carry clout and credibility well beyond the banking sector.
"The government has been relying more and more on off-the-shelf security" for its official purposes, Mr. Randle said. "We can get to a point where (a security standard that is) good enough for the banks is good enough for the government."
"This is what BITS is and should be about in creating value," he said, "not just for the industry, but for all of e-commerce."
Mr. Randle and First Union senior vice president Peter Browne are co- chairmen of the BITS security and risk assessment steering committee, which spearheaded the project.
