ibm tivoli security solutions for the cloud - glengooding · ibm: the only security vendorin the...
Post on 04-Jun-2020
0 Views
Preview:
TRANSCRIPT
Business Unit Designation or other informationBusiness Unit Designation or other information
Everyday Security:Simple Solutions to Complex Security Problems
Sean Bergin
WW Sales Director Tivoli SecurityWW Sales Director, Tivoli Security
2Welcome to the smart planet… and a smarter infrastructure
Globalization and Globally Available
RResources
Access to streams ofBillions of mobile devices Access to streams of information in the Real Time
Billions of mobile devices accessing the Web
Dynamic Infrastructure
N F f C ll b ti
InfrastructureImprove Service:Reduce Cost: M Ri k
IBM Insight Forum 09®
Make change work for you
New Forms of Collaboration Manage Risk:
3Managing risks introduced by new opportunitiesopportunities
Emerging technologyVirtualization and cloud computing increase infrastructure complexity.
Web 2 0 and SOA style composite applications introduce new challenges with the
Data and information explosionData volumes are doubling every 18 months.*
Web 2.0 and SOA style composite applications introduce new challenges with the applications being a vulnerable point for breaches and attack.
Storage, security, and discovery around information context is becoming increasingly important.
Wireless worldMobile platforms are developing as new means of identification
Supply chainThe chain is only as strong as the weakest link… partners need to shoulder
Mobile platforms are developing as new means of identification.
Security technology is many years behind the security used to protect PCs.
y g ptheir fair share of the load for compliance and the responsibility for failure.
Clients expect privacyAn assumption or expectation now exists to integrate security into the infrastructure processes and applications to maintain privacyinfrastructure, processes and applications to maintain privacy.
Compliance fatigueOrganizations are trying to maintain a balance between investing in both the security and compliance postures
IBM Insight Forum 09®
Make change work for you
security and compliance postures.*Source: Pyramid Research, October 2007
4High-level cloud security concerns
Loss of Control Data SecurityLoss of ControlMany companies and governments are uncomfortable with the idea
of their information located on systems they do not control.
yMigrating workloads to a shared
network and compute infrastructure increases the potential for unauthorized
Providers must offer a high degree of security transparency to help
put customers at ease.Reliability
Hi h il bilit ill b k
exposure. Authentication and access technologies become
increasingly important.
High availability will be a key concern. IT departments will worry about aloss of service should outages
occur. Mission critical applications may not run in the cloud without
ComplianceComplying with SOX, HIPAA and other regulations may
hibit th f l d f
may not run in the cloud without strong availability guarantees. Security
ManagementProviders must supply easyprohibit the use of clouds for
some applications. Comprehensive auditing capabilities are essential.
Providers must supply easy, visual controls to manage
firewall and security settings for applications and runtime environments in the cloud.
IBM Insight Forum 09®
Make change work for you 4
5Not all risks are created equal
Frequency ofFrequency ofOccurrences
Per Year Virus
W
Data Corruption
Data Leakage
1,000
100frequent Worms
Disk Failure
System Availability FailuresApplication Outage
N t k P blLack of governance
10
1
1/10
Network Problem
Terrorism/Civil UnrestFailure to meet
Compliance Mandates
Failure to meet Industry standards
/ 0
1/100
1/1,000
infr
equent
Pandemic
Natural DisasterWorkplace inaccessibility
Regional Power Failures
1/10,000
1/100,000 $1 $10 $100 $1,000 $10k $100k $1M $10M $100M
i
Consequences (Single Occurrence Loss) in Dollars per Occurrence
PandemicBuilding Fire
IBM Insight Forum 09®
Make change work for you
Consequences (Single Occurrence Loss) in Dollars per Occurrencelow high
6How would you rate Security as a business priority?business priority?
Select the most appropriate answer
1. Our primary business focus is Control: access to data, applications & environments
2. Our business focus extends to Visibility: monitoring incidents and events
3. Our focus extends to include Compliance: audit and prove performanceperformance
4. Security Management is a key business directive and is given e treme foc s from both an IT and an o erall b sinessextreme focus from both an IT and an overall business perspective
IBM Insight Forum 09®
Make change work for you
7Not all risk is created equally, neither are all security solutionsare all security solutions…
Find a balance between effective securityFind a balance between effective security and cost
The axiom… never spend $100 dollars on a fence to protect a $10 horse
Cost
Complexityessure
a fence to protect a $10 horseStudies show the Pareto Principle (the 80-20 rule) applies to IT security*
87% of breaches were consideredEffectiveness
Complexity
Pr
87% of breaches were considered avoidable through reasonable controls
Small set of security controls provide a disproportionately high amount of coverage
Agility
disproportionately high amount of coverageCritical controls address risk at every layer of the enterpriseO i ti th t it t l
Time
Organizations that use security controls have significantly higher performance* *Sources: W.H. Baker, C.D. Hylender, J.A.
Valentine, 2008 Data Breach Investigations Report, Verizon Business, June 2008ITPI: IT Process Institute, EMA December 2008
IBM Insight Forum 09®
Make change work for you
2008
8IBM provides the business answers you need in uncertain timeswith solutions for all IT domains
Improving service managingImproving service managing
with solutions for all IT domains
Improving service, managing risk and reducing cost of
Security without compromise
Improving service, managing risk and reducing cost of
Security without compromise
IBM Insight Forum 09®
Make change work for you
9How would you rate Security as an IT priority?
Select the most appropriate answer
1. Our Security focus is primarily on Identity & Access Management
2. Our Security focus extends into Application Security
3. Our Security focus extends into securing information without negatively impacting service quality
4. We have an extensive Security program incorporated into our IT and business governance
IBM Insight Forum 09®
Make change work for you
10IBM: The only security vendor in the market withend-to-end coverage of the security foundation
Critical Security Processes
end to end coverage of the security foundation
IBM Solutions
Manage Identities, Access and Entitlement: Process for assuring access to enterprise resources has been given to the right people, at the right time, for the right purpose
Protect Data and Information: Capability that allows for granular protection of unstructured & structured data data leak prevention and acceptable use policy monitoringunstructured & structured data, data leak prevention and acceptable use policy monitoring
Implement GRC Information and Event Management: Log management capabilities designed to automate the process of auditing, monitoring and reporting on security and compliance posture across the enterprise
Assure Software and System Integrity: Process for assuring efficiency and integrity of the software development & release lifecycle.
Address Threats and Vulnerabilities: Process and capabilities designed to protect enterprise infrastructure from new and emerging threats
g y p y
Manage Assets: Process for maintaining visibility and control over service and operational assets, and their impact on the business
Manage Change and Configuration: Process for assuring routine, emergency and
Manage Problems and Incidents: Managed security operations center (SOC) or in-house Service Desk solutions designed to assure incidents are escalated and addressed in a timely manner Forensics teams ready to respond to an emergency
out-of-band changes are made efficiently, and in such a manner as to prevent operational outages
IBM Insight Forum 09®
Make change work for you
addressed in a timely manner. Forensics teams ready to respond to an emergency
11New Tivoli Security Solutions solve real customer challenges
Id tit d Provide efficient andIdentity and Access A
Provide efficient and compliant access for right people to right resources at right Assurance gtime
Data and Protect integrity and Data and Application Security
confidentiality of business data and transactions from b t di k
Leading Energy Utility
Security browser to disk
Security Secure and audit critical businessy
Management for z/OS
critical business services with your most trusted and resilient platform
IBM Insight Forum 09®
Make change work for you
resilient platform
12
Issues Select IBM Security OfferingsIssues Select IBM Security Offerings
Audit Readiness Workshops and Assessments: Security Health check, Security Workshop, Security Risk Assessment, Compliance Assessments
Increasing number of industry and regulatory requirements
Reputational and financial risks of non-compliance
Risk & Compliance Management
Controls Effectiveness Assessments: Penetration Testing, Regulation-specific Assessments
Controls and Governance Services: IBM ISS Governance Services for compliance and regulatory services, Information Security
compliance
Cost of preparing for audits and assessments
Difficulty determining and documenting effectiveness of controls
Internal policy violationsManagement
“How can I improve my security and
li i k
egu ato y se v ces, o at o Secu tyFramework
Compliance Management and Reporting: Tivoli Compliance Insight Manager, Tivoli zSecure Audit, IBM Compliance Warehouse, IBM Records Manager
Internal policy violations
Audit findings
compliance risk posture? How do I
prepare for security audits without a
significant effort and also address any
Demonstrable policy enforcement aligned to regulations, standards, laws, agreements
Decreases reputational risk and penalties and fines for non-compliance
Enables cost effective audit and assessment preparation by automating reporting and d i ff
Values
yfindings or
deficiencies?”
documentation efforts
Provides visibility into controls effectiveness and policy violations, reducing risk of internal and external threats
Improves security posture to reduce audit findings
IBM Insight Forum 09®
Make change work for you
13Which best describes your current Identity & Access Management capability?Management capability?
Select the most appropriate answer
1. Users sign on to individual applications, minimal infrastructure exists for security monitoring and auditing.
2. Multiple user registries and access control policies are defined in multiple places.
3. A consistent practice and a consistent infrastructure for access control are implemented. Provisioning of account information is policy-based and consistently applied.policy based and consistently applied.
4. Identity and access management are tied to the employee life cycle in the organization Automated policy-basedcycle in the organization. Automated policy based administration of users' accounts streamlines administration across the organization.
IBM Insight Forum 09®
Make change work for you
14
PEOPLE AND IDENTITY
Issues Select IBM Security Offerings
Identity Lifecycle Management: Tivoli Identity and Access Management solution, Tivoli Security Management for z/OS
Understanding the identity risk gap
Cost of administering users and identities in-h
Manage Identities and
Access
solution
High-Assurance Digital Identities: Trusted Identity Initiative
Identity Audit: Tivoli Compliance Insight Manager, Tivoli zSecure Audit
house
Privileged user activity unmonitored
Dormant IDs or shared identities being used to inappropriately access resources
F ili ditAccess
“How can my
Identity Services: Identity & Access Design and Implementation Services, ISS Managed Identity Services, Identity Risk and Investigation Solution (IRIS) and other GBS Security services
Values
Failing an audit
How can my business benefit
from management of digital identity?”
Reduces the cost, increases efficiency and enables audit-ability of managing flow of users entering, using, and leaving the organization
Decreases risk of internal fraud, data leak, or operational outage
Supports globalization of operationsSupports globalization of operations
Enables shift from traditional brick & mortar sales to delivery of on-line services to customers and partners across the globe
Improves end-user experience with Web-based business applications by enabling such activities such as single sign-on
IBM Insight Forum 09®
Make change work for you
15DATA AND INFORMATION
Data Loss Prevention: ISS Data Security and DataData stored on removable media that can be
Issues Select IBM Security Offerings
Data Loss Prevention ISS Data Security and Data Loss Prevention solution
Protecting Data at Rest or In Transit: Tivoli Application and Data Security solution, WebSphere MQ Extended Security Edition, WebSphere DataPower Appliances
SIEM: Ti li C li I i ht M ISS
lost/stolen
Data stored in the clear is easily accessible
Inconsistent data policies
Unstructured and/or unencrypted data
L l l d hi l f h SIEM: Tivoli Compliance Insight Manager, ISS SiteProtector
Data Encryption: Tivoli Key Lifecycle Manager, encrypted tape and disk drives
Data Classification: InfoSphere Information Analyzer Cognos Enterprise Content
Legal, regulatory and ethical exposure for the organization
Costs of data breaches, notification, brand value
Failing an audit
Protect Dataand
Information
“How can I reduce the Analyzer, Cognos, Enterprise Content Management, Discovery and Classification, , IBM Records Manager
Unstructured Data Security: Tivoli Access Manager
Data Confidentiality: Optim Data Privacy solution, L P f M il S i
cost and pain associated with
tracking and controlling who touched what data when? How do I assure
that my data is
Reduces the cost increases ability to meet audit and compliance mandates
Lotus Protector for Mail Security
Security Services: ISS Professional and Managed Security Services, Security Event and Log Management Services
that my data is available to the
business, today and tomorrow?” Values
Reduces the cost, increases ability to meet audit and compliance mandates
Provides a cost-effective way to meet legal discovery, hold and retention requirements
Assures data is available to the right people, at the right time
Assures data is not deliberately or inadvertently taken, leaked, or damaged
Decreases number and complexity of controls integrated within the enterprise
IBM Insight Forum 09®
Make change work for you
p g p
16
APPLICATION AND PROCESS
Issues Select IBM Security Offerings
Application Security: Rational AppScan, Rational AppScan Malware Scanning, IBM Web Application Module WebSphere D t P A li
Web applications #1 target of hackers seeking to exploit vulnerabilities
Increasing number of attacks via XML scripting DataPower Appliances
Application Controls: Tivoli Access Manager
Messaging Security: Lotus Domino Messaging, WebSphere MQ File Transfer Edition, IBM ISS Mail Security solutions
Increasing number of attacks via XML scripting and virus insertion
Applications are deployed with vulnerabilities
Poor security configs expose clients to business loss
PCI regulatory requirements mandate application
Secure Web Applications
Security for SOA: WebSphere DataPower, Tivoli Security Policy Manager, Tivoli Federated Identity Manager, WebSphere Services Registry & Repository
Application Security Services: ISSApplication Security Risk Assessment S i ISS M d S i S i
PCI regulatory requirements mandate application security
80% of development costs spent on identifying and fixing defects
Real and/or private data exposed to anyone with access to development and test environments, “How can my business
Reduce risk of outage, defacement or data theft associated with web applications
Assess and monitor enterprise-wide security policy compliance
Services , ISS Managed Security Servicesincluding contractors and outsourcersbenefit from management of
application security?” Values
Assess and monitor enterprise wide security policy compliance
Improve compliance with industry standards and regulatory requirements (e.g., PCI, GLBA, HIPAA, FISMA…)
Improve ability to integrate business critical applications securely
Automated testing and governance throughout the development lifecycle, reducing long-term security costs
IBM Insight Forum 09®
Make change work for you
security costs
17NETWORK, SERVER AND END POINT
Mass commercialization and automation of
NETWORK, SERVER AND END POINT
Th t Miti ti : ISS N t k I t i
Issues Select IBM Security Offerings
Mass commercialization and automation of threats
Parasitic, stealthier, more damaging attacks
Poor understanding of risks in new technologies and applications, including virtualization and cloud
Threat Mitigation: ISS Network Intrusion Prevention, WebSphere DataPower Appliances, ISS Server Intrusion Detection and Prevention products powered by X-Force®, ISS Endpoint Security Control, Network Mail Security, Vulnerability Management and Scanning
Weak application controls
Lack of skills to monitor and manage security inputs
Compounding cost of managing an ever increasing array of security technologies
Manage Infrastructure
Security
SIEM: Tivoli Compliance Insight Manager
Security Governance: Regulatory assessments and remediation solutions, Security architecture and policy development
Incident Response: Incident Management and increasing array of security technologies
Undetected breaches due to privilege access misuse and downtime from incidents
Inability to establish forensic evidence or demonstrate compliance
Systems Storage
Virtual Network
Emergency Response services
Virtualization: Proventia Virtualized Network Security
Security Services: Security Intelligence and Advisory Services, Managed Intrusion Prevention
d D t ti M d fi ll i
Reduces cost of ongoing management of security operations
Improves operational availability and assures performance against SLA, backed by industry’s only guaranteed SLA for managed protection services
“How does my business benefit from
infrastructure security protection?”
and Detection, Managed firewall services, Security Event and Log Management ServicesValues
Increases productivity by decreasing risk of virus, worm and malcode infestation
Decreases volume of incoming spam
Drill down on specific violations to quickly address resolution
Readily show status against major regulations
IBM Insight Forum 09®
Make change work for you
18IBM professional security services
Proven integrated lifecycle methodology that delivers ongoing security solutions
Phase 5: Education Phase 1: Assessment
IBM ISS P d t C Th t Miti ti
ongoing security solutions
Ph 4: M t
IBM ISS Product Courses
– On-site & off-site classes
Threat Mitigation
Governance Risk and Compliance
Data Security
Identity & AccessPhase 4: Management and Support
Phase 2: DesignStaff Augmentation
Emergency Response
Physical Security
Application Security
Phase 3: Deployment
ServicePolicy Development
Incident Response Planning
Standards and Procedures Development
Phase 3 DeploymentImplementation Planning
Implementation and Optimization
Migration Services
IBM Insight Forum 09®
Make change work for you
19Analysts Recognize IBM Security LeadershipF t L d hiG d hi Forrester Leadership
Managed Security Services Wave (October 2007)Risk Consulting Services Wave (June 2007)
IDC Market Share Leadership
Gartner LeadershipSecurity Information & Event Management Magic Quadrant (May 2009)Web Access Management Magic Quadrant (November 2008) #1 Identity & Access Management (2008)
#1 Identity Management Provider (2007)#1 Security & Vulnerability Management Software Worldwide (2007)#1 V l bilit A t S ft W ld id
(November 2008)User Provisioning Magic Quadrant (August 2008)Master Data Management for Customer Data Magic Quadrant (July 2008)Managed & Professional Network Service #1 Vulnerability Assessment Software Worldwide
(2007)#1 Application Vulnerability Assessment Software Worldwide (2007)
Frost & Sullivan Leadership
Managed & Professional Network Service Providers, North America Magic Quadrant (May 2008)Business Intelligence and Performance Management Services, North America Magic Quadrant (May 2008) Frost & Sullivan Leadership
Managed Security Services (2008, 2009)North American Network Security Infrastructure Protection Company of the Year (2008, 2009)North American Video Surveillance Software
Quadrant (May 2008)Managed Security Service Providers, APAC Marketscope – Strong Positive (May 2008)Managed Security Service Providers, Europe Marketscope - Strong Positive (May 2008)
Developer Company of the Year (2008, 2009)#1 Vulnerability Assessment Provider (2006, 2007, 2008)IDS/IPS Market Leader (2007)
a e scope S o g os e ( ay 008)FilesX – Cool Vendors in Data Protection (March 2008)Network Intrusion Prevention System Appliances Magic Quadrant (February 2008)
Global Application Security Product Line Strategy Award (2008)
Managed Security Services Providers, North America Magic Quadrant (August 2007)
IBM Insight Forum 09®
Make change work for you
20Tivoli is established leader in IAM and SIEM marketsSIEM markets
#1 Identity and Access Management Market Share (IDC) – past 3 years#1 Identity and Access Management Market Share (IDC) – past 3 years#1 SIEM Market Share (Gartner)Over 2,700 customers worldwide#1 SIEM Market Share (Gartner)Over 2,700 customers worldwide
IBM Insight Forum 09®
Make change work for you
21IBM: Comprehensive Security Risk & ComplianceManagementManagement
The only security vendor in the market with end-to-end coverage of the security foundation
15 000 researchers developers and SMEs on15,000 researchers, developers and SMEs on security initiatives
3,000+ security & risk management patents
200+ security customer references and 50+published case studies
40+ years of proven success securing the mainframe environment
IBM Insight Forum 09®
Make change work for you
22
IBM Insight Forum 09®
Make change work for you
23
Thank oThank you
Questions?
IBM Insight Forum 09®
Make change work for you
top related