The Open Group has released preliminary criteria for a global security standard to reduce the risk of tainted or counterfeit technology products entering the supply chain.
The Open Trusted Technology Provider Standard (O-TTPS) will provide an open standard for organisational best practices that will aim to enhance the global supply chain and assure the integrity of commercial off-the-shelf ICT products worldwide. This is geared towards global providers and acquirers of commercial off-the-shelf information and communication technology products.
The two risks being addressed in the initial criteria are tainted and counterfeit products. Version 1.0 of the standard is expected to be published in late 2012, and an accreditation programme is planned to help provide assurance that trusted technology providers conform to it.
The O-TTPS has been shaped by the likes of Boeing, Booz Allen Hamilton, CA Technologies, Cisco, EMC, HP, IBM, Juniper Networks, Lockheed Martin, Microsoft, NASA, Oracle and the US Department of Defense/CIO.
David Lounsbury, chief technology officer at The Open Group, said: “With the increasing threats posed by cyber attacks worldwide, technology buyers at large enterprises and government agencies across the globe need assurance that the products they source come from trusted technology suppliers and providers who have met set criteria for securing their supply chains.”
Steve Lipner, partner director of program management at Microsoft Trustworthy Computing, said: “Security within the product lifecycle is a critical issue facing global companies today. In developing standards that provide guidance for industry and government to secure products globally, Microsoft and The Open Group Trusted Technology Forum are working together to help protect both end-users and product integrity worldwide.”