2012.04.18 - ibm managed security services - smartcloud services

© 2012 IBM Corporation

Managed Security ServicesSelling Enterprise Security Services From the Cloud

© 2012 IBM Corporation2

Data tops concerns relative to cloud computing…

Protection of intellectual property and data

Ability to enforce regulatory or contractual obligations

Unauthorized use of data

Confidentiality of data

Availability of data

Integrity of data

Ability to test or audit a provider’s environment

Other

30%20%14%11% 9% 8% 6% 2%

Source: Deloitte Enterprise@Risk: Privacy and Data Protection Survey


Security Services Market Dynamics

Market dynamics – Due to the nature of numerous security technologies invented for resolving a variety of security issues, security market is very fragmented, crowded with a large number of vendors providing specific solutions. New technologies are evolving rapidly, and M&A has been incredibly active in the past few years. However, there are very few “full scale” security solution providers that can globally provide customers in different sizes and industries with a comprehensive portfolio of security solutions that combines security technologies, and consulting, implementation, and managed services.

IBM has:

• Solution comprehensiveness: IBM has a unique position in the market as an true end-to-end security provider – we address virtually any dimension of customers’ security challenges.

•Leading technologies: All IBM’s security solutions are built based on unparalleled security technologies invented by IBM research (including x-Force) & development or market leading product vendors (

•Global delivery: IBM has thousands of consultants, specialist, and delivery experts and global security operation centers to deliver professional, managed, and cloud security services to customers in almost every country in the world

IBM Global Technology Services

WW Security Services market is a $31.5B opportunity in 2011, growing at a CAGR of 10.8% throughout 2015

ProfessionalServices

Consulting Service $9.66B

Education $3.02B

Managed Services $4.51B

Implementation Service $14.29B

Major actors:

MSS – IBM, Dell SecureWorks, Symantec, Verizon, AT&T, HP, Wipro

Cloud Services – IBM, HP, McAfee, Verizon,Symantec, SecureWorks

Consulting services (PSS) – IBM, Deloitte, PwC,E&Y, Accentuate, KPMG, Verizon


Capability: The IBM Security FrameworkDelivering intelligence, integration and expertise across domains

Intelligence ● Integration ● ExpertiseIntelligence ● Integration ● Expertise

IBM Security

End-to-end coverage across domains

6K+ security engineers and consultants

Award-winning X-Force research

Analyst recognized leadership

Continued commitment to investment

Trusted Advisor to Global companies

End-to-end coverage across domains

6K+ security engineers and consultants

Award-winning X-Force research

Analyst recognized leadership

Continued commitment to investment

Trusted Advisor to Global companies

© 2012 IBM Corporation5Security & Privacy Leadership

Helping clients begin their journey to the cloud with relevant security expertise

Subscription service, Cloud-based, monitoring & management Security Services that help reduce costs & complexity, improve sec. posture, and meet regulatory compliance

Security Event and Log Management Vulnerability Management Services Hosted Application Security Hosted Mobile Device Management Managed Email / Web Security X-Force Threat Analysis Service

IBM Managed Security Services approaches the problem two ways:

Security for the Cloud Security from the Cloud

Cloud Security Strategy Roadmap

Application Security Assessment

Penetration Testing

Identity and Access Management

Cloud Security Assessment


Security FROM the Cloud: Hosted Application Security Management (HASM)

Service Overview:

Helps customers identify and remediate web application vulnerabilities on Internet facing servers without the need to purchase, install, and configure separate servers and software packages. The solution tests for common Web application vulnerabilities including Cross-Site Scripting, Buffer Overflow, and Web 2.0 exposure scans.

Service Quick Facts:

Service Type: Cloud / Managed

Average Project: $100K-750K

Key Offering Capabilities:

Full AppScan Enterprise access: The solution delivers the power of enterprise class application assessment capability directly to the organization via a cloud based delivery model.

Skilled experts to assist in analyzing scan results: Dedicated one on one time with security experts is included in the service to assist with interpretation of scan results and applicable remediation strategies

Suggested fixes and remediation steps provided: Scan results are accompanied by detailed fix suggestions that guide developers to solutions and best practices.

24x7 support and on-demand access: The HASM platform and associated support are available from IBM experts 24x7.

Service Value Proposition / Benefits:

Reduces risk with an unmatched time to value

Allows for vulnerabilities to be identified and remediated without in-depth expertise

Application Security Analysts consult with clients to help build a prioritized remediation strategy.

Business Challenges:

Web apps represent the fastest growing threat vector

70% of companies view web 2.0 as a top security concern

Web vulnerabilities are easily remotely exploited

Web app scanning is required by regs such as PCI.

Application Security

Management


Situations that drive the need to HASM

• Is the organization subject to federal or state legislative regulations or industry compliance stands? (PCI / HIPAA / SOX / GLBA)

• If so, then you need to assess the application to provide validation that it is within compliance standards and regulations.

• The Hosted Application Security Services conducts application assessments that help to provide required information for compliance regulations.

• Is web site used to collect any customer information?

• Is it used to send or receive sensitive information – including corporate IP, employee data, customer or partner information?

• Is it accessed by hundreds, thousands (or even millions) of users?


Security FROM the Cloud: Hosted Mobile Device Security Management (MDS)

Service Overview:

Designed to provide expert monitoring and management of policy enforced mobile connectivity to corporate and enterprise-wide assets. Incorporates design and deployment capabilities along with managed services to accelerate time to value and drive established security measures to mobile endpoints.


Service Type: Cloud / Managed

Average Project Size: Varies


Backed by IBM’s industry leading MSS: Managed and monitored by IBM, one of the largest Managed Security Service Providers in the world.

Broad mobile platform support: Offers support for leading mobile operating systems allowing for broad applicability of policy and technology.

Turn-key implementation: Comprehensive deployment strategies designed to simplify the rollout and reduce the burden on security / IT teams

Secure, policy based connectivity: When used in conjunction with the Juniper SA gateway, secure, policy based enforcement can be applied across mobile devices accessing corporate resources.

Deep security technology: Introduced enterprise class security to mobile endpoints: FW, AV, AS, etc.


Gain control over data stored on mobile endpoints

Helps organizations reduce the impact of lost devices

Supports the consumerization of mobile rollouts while retaining a responsible and secure approach to data management


Attainment of mobile security skills can be challenging

Most mobile deployments combine corporate and employee owned assets w/ varying security controls

More data lives on smartphones than ever before

Mobile Device

Security Mgt.


Situations that drive the need for MDS

• What security policies does your company have for corporate desktops and laptops?• Are your employees' mobile devices compliant with relevant security policies?• Do you allow your workforce to access corporate data from their personal mobile devices?• Do you want to embrace mobile technology to provide flexibility to your employees? • Are you aware of the potentially disastrous risks and threats that can affect mobile

devices?• Do you lack the in-house expertise and technology needed to ensure secure mobile

access to corporate data?

• Today’s mobile device should be viewed as any other endpoint device in the organization having an overall endpoint security strategy is key.

• There are differences between desktops/laptops and mobile devices. • The risk of breaches for mobile devices is the same or even greater due to the proliferation of

smartphones.


Security FROM the Cloud: Security Event and Log Management (SELM)

Service Overview:

The Security Event and Log Management Service enables compilation of the event and log files from network applications, operating systems, and security technologies into one seamless platform. The SELM offering allows for automated analysis of IPS data as well as robust query and research capabilities against a variety of different log types.


Service Type: Cloud / SaaS

Average Project Size: Varies


Two tiers of service: SELM is available in Standard and Select service levels allowing for varying degrees of analysis and analytics to be applied to data types

Integrated workflow and analysis capabilities: With SELM’s integrated workflow and analysis capabilities, security issues can be investigated, escalated, and recorded using IBM’s web based tools

Custom log parser and correlation engine: Easily use regular expressions to add support for custom log sources and correlation rules

Forensically sound storage and archival: SELM employs best practice processes for storage

Seamless blending of MSS and non-MSS data: SELM blends managed and unmanaged logs and events into a common data set


Improve time to value by leveraging an on-demand cloud based platform

Shorten investigations for suspicious/malicious activity

Centralize key data and reduce storage burdens

Challenges:

Information and event management solutions can be costly and overly complex depending on needs

Data often spans geographies and obtaining a consolidated view can be difficult and costly

Many solutions struggle with real-time analysis

Security Event and

Log Mgt.

© 2012 IBM CorporationIBM ConfidentialIBM Confidential

Situations that drive the need for SELM

• How are you managing, monitoring and archiving both log and event data across your enterprise?

• Does your company have a formal log management and monitoring process that supports analysis, escalation, and investigation?

• Do you consolidate log data from disparate geographies and systems or is this data spread among many separate locations?

• In the event of a security incident, can you effectively query and analyze logs from hundreds or thousands of systems in minutes?

• Could your security team use additional time and budget to address security issues?

• Do you have the tools in place for centralizing data, storing long term (up to 7 years), and an automated form of analysis?

• What tools are being used for existing efforts, are those tools integrated off the shelf vs. cobbled together?

• What would be the implications of a distributed data deployment if you attempted to quickly respond to a global security incident?

• How would you check all of your systems for suspicious activity if you knew of an attackers IP or a compromised account?


Security FROM the Cloud: Hosted Vulnerability Management Service (VMS)

Service Overview:

Offers network based vulnerability assessment from the cloud via the VSOC web portal. Scans can be configured and scheduled via the web, with scanning performed from the cloud or via IBM managed scanners at the customer premise. Results are and archived in the cloud, and accompanied by reporting, workflow, and remediation capabilities.


Service Type: Cloud / SaaS

Average Deal Size: $75K-300K


Vulnerability management: Agent-less scanning from both inside and outside the firewall

Remediation guidance and workflow: Fix vulnerabilities quickly and easily with the information provided in remediation reports

Intelligent scanning: Delivers accurate scanning results in less time with a system that follows an assessment similar to that used by ethical hackers.

PCI compliance assistance: IBM can serve as an Approved Scanning Vendor (ASV) in support of PCI compliance initiatives

Web and dbase vulnerability detection: Identifies basic web and database vulnerabilities to satisfy compliance requirements


Streamlined SaaS delivery model saves clients money and improves time to value.

Assists with compliance efforts for multiple regulations, including PCI

Reduces risk and improves security posture.


Vulnerabilities allow easy access to systems

Proper assessment and remediation is required for compliance initiatives

Today’s solutions can be difficult to use and manage

Security Event and

Log Mgt.

Vulnerability Mgt.

Service


Situations that drive the need for VMS

• How are you managing software vulnerabilities (Network, database, and application) in your IT environment today?

• Does your company have a formal vulnerability management program that supports frequent scanning, prioritization, and remediation efforts?

• Does your current scanning solution support Network, application and database vulnerabilities?• Have you considered the cost savings that could be realized by leveraging scanning from the

cloud vs. maintaining your own solution in-house?• Could your security team use additional time and budget to address big picture issues in your

environment?

• What is the importance of a vulnerability management program with repeatable process, documentation, reporting, and validation?

• What tools are being used for your existing efforts, are those tools integrated off the shelf vs. cobbled together.


‘Cloud security service’ value

The value proposition for cloud security has become widely understood, creating projects within many enterprises.

Services FROM the cloud:

Online access to key security tools that enable clients to efficiently perform key security functions

Reduced up-front capital investment and deployment

Lower overall security management costs

Quicker time to deploy and time to value vs. on-premise

Reduced on-premise skill requirements

Ability to standardize capabilities on one platform

Ability to rapidly consume software improvements


IBM Managed Security Services helps answer critical security questions

Firewalls Intrusion detection Routers/switches Servers Emails URLs

Answering customers’ critical questions:

Am I being targeted?Where else has this IP been?

What’s the attack vector?Is the attack approach custom or common?Is the attack against a vulnerable system?

Is there a block or prevention rule?Can you shut down that port?

Is this website malicious?Is that an email virus?

Virtual SOC Portal 9 security operations centers13+ billion events per day


IBM’s global security expertise extends to cloud and is trusted by some of the world’s most demanding companies!

15B-plus events managed per day

1,000-plus security patents

133 monitored countries (MSS)

9Security operations centers

Security Operations Centers

Security Research Centers

Security Solution Development CentersSecurity Solution Development Centers

Institute for Advanced Security Branches

9 Security research centers

11 Security development labs

400Security operations analysts

520 Field security specialists

941Professional services security

consultants

3,300 Strategic outsourcing security

delivery resources


IBM Security Services – Cloud Security Resources

Offering Details:

Hosted Application Security Management

Hosted Vulnerability Management

Hosted Mobile Device Security Management

Hosted Security Event and Log Management

Web Pages:

IBM Cloud Security Web page

Tools:

MSS Total Cost of Ownership

Papers:

Cloud Security Guidance

Strategies for Assessing Cloud Security

Leveraging Security from the Cloud

IBM POV: Security and Cloud Computing


Retrouvez une sélection d’offres Cloud IBM pour les Partenaires sur :

http://ibmcloudcatalog.blogspot.com


2012.04.18 - ibm managed security services - smartcloud services

Technology

proposition benefits

average project size

service quick facts

key offering capabilities

cloud saas

cloud managed

mobile devices

log management