IBM Tivoli - Security Solutions for the Cloud


Published on

IBM Tivoli - Security Solutions for the Cloud. Presenter: Geln Gooding

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

IBM Tivoli - Security Solutions for the Cloud

  1. 1. Business Unit Designation or other information Everyday Security: Simple Solutions to Complex Security Problems Sean Bergin WW Sales Director Tivoli Security Director,
  2. 2. 2 Welcome to the smart planet… and a smarter infrastructure Globalization and Globally Available Resources Billions of mobile devices Access to streams of accessing the Web information in the Real Time Dynamic Infrastructure Improve Service: Reduce Cost: New F N Forms of C ll b f Collaboration ti Manage Ri k M Risk: IBM Insight Forum 09 Make change work for you ®
  3. 3. 3 Managing risks introduced by new opportunities Emerging technology Virtualization and cloud computing increase infrastructure complexity. Web 2.0 and SOA style composite applications introduce new challenges with the 20 applications being a vulnerable point for breaches and attack. Data and information explosion Data volumes are doubling every 18 months.* Storage, security, and discovery around information context is becoming increasingly important. Wireless world Mobile platforms are developing as new means of identification identification. Security technology is many years behind the security used to protect PCs. Supply chain The chain is only as strong as the weakest link… p y g partners need to shoulder their fair share of the load for compliance and the responsibility for failure. Clients expect privacy An assumption or expectation now exists to integrate security into the infrastructure, infrastructure processes and applications to maintain privacy privacy. Compliance fatigue Organizations are trying to maintain a balance between investing in both the security and compliance postures postures. *Source: Pyramid Research, October 2007 IBM Insight Forum 09 Make change work for you ®
  4. 4. 4 High-level cloud security concerns Loss of Control Data Security y Many companies and governments Migrating workloads to a shared are uncomfortable with the idea network and compute of their information located on infrastructure increases the systems they do not control. potential for unauthorized Providers must offer a high degree exposure. Authentication and of security transparency to help access technologies become put customers at ease. increasingly important. Reliability High Hi h availability will b a k concern. il bilit ill be key IT departments will worry about a loss of service should outages occur. Mission critical applications may not run in the cloud without strong availability guarantees. Compliance Security Complying with SOX, HIPAA and other regulations may Management Providers must supply easy, easy prohibit th use of clouds f hibit the f l d for visual controls to manage some applications. firewall and security settings Comprehensive auditing for applications and runtime capabilities are essential. environments in the cloud. IBM Insight Forum 09 Make change work for you 4 ®
  5. 5. 5 Not all risks are created equal Frequency of Occurrences Per Year Virus Data Corruption Data Leakage Worms W Disk Failure frequent 1,000 Application Outage 100 System Availability Failures Lack of governance 10 Network P bl N t k Problem Failure to meet 1 Industry standards Failure to meet Compliance Mandates Terrorism/Civil Unrest 1/10 / 0 Workplace inaccessibility Natural Disaster infrequent 1/100 Regional Power Failures 1/1,000 Pandemic i 1/10,000 Building Fire 1/100,000 $1 $10 $100 $1,000 $10k $100k $1M $10M $100M Consequences (Single Occurrence Loss) in Dollars per Occurrence low high IBM Insight Forum 09 Make change work for you ®
  6. 6. 6 How would you rate Security as a business priority? Select the most appropriate answer 1. Our primary business focus is Control: access to data, applications & environments 2. Our business focus extends to Visibility: monitoring incidents and events 3. Our focus extends to include Compliance: audit and prove performance 4. Security Management is a key business directive and is given extreme foc s e treme focus from both an IT and an o erall b siness overall business perspective IBM Insight Forum 09 Make change work for you ®
  7. 7. 7 Not all risk is created equally, neither are all security solutions solutions… Find a balance between effective security and cost Pressure Cost The axiom… never spend $100 dollars on a fence to protect a $10 horse Complexity Studies show the Pareto Principle (the 80-20 rule) applies to IT security* Effectiveness 87% of breaches were considered avoidable through reasonable controls Agility Small set of security controls provide a disproportionately high amount of coverage Critical controls address risk at every Time layer of the enterprise Organizations that use security controls O i ti th t it t l *Sources: W.H. Baker, C.D. Hylender, J.A. have significantly higher performance* Valentine, 2008 Data Breach Investigations Report, Verizon Business, June 2008 ITPI: IT Process Institute, EMA December 2008 IBM Insight Forum 09 Make change work for you ®
  8. 8. 8 IBM provides the business answers you need in uncertain times with solutions for all IT domains Improving service managing service, risk and reducing cost of Security without compromise IBM Insight Forum 09 Make change work for you ®
  9. 9. 9 How would you rate Security as an IT priority? Select the most appropriate answer 1. Our Security focus is primarily on Identity & Access Management 2. Our Security focus extends into Application Security 3. Our Security focus extends into securing information without negatively impacting service quality 4. We have an extensive Security program incorporated into our IT and business governance IBM Insight Forum 09 Make change work for you ®
  10. 10. IBM: The only security vendor in the market with 10 end to end end-to-end coverage of the security foundation Critical Security Processes Manage Identities, Access and Entitlement: Process for assuring access to enterprise resources has been given to the right people, at the right time, for the right purpose IBM Solutions Protect Data and Information: Capability that allows for granular protection of unstructured & structured data data leak prevention and acceptable use policy monitoring data, Implement GRC Information and Event Management: Log management capabilities designed to automate the process of auditing, monitoring and reporting on security and compliance posture across the enterprise Address Threats and Vulnerabilities: Process and capabilities designed to protect enterprise infrastructure from new and emerging threats Assure Software and System Integrity: Process for assuring efficiency and integrity of the software development & release lifecycle. g y p y Manage Assets: Process for maintaining visibility and control over service and operational assets, and their impact on the business Manage Change and Configuration: Process for assuring routine, emergency and out-of-band changes are made efficiently, and in such a manner as to prevent operational outages Manage Problems and Incidents: Managed security operations center (SOC) or in-house Service Desk solutions designed to assure incidents are escalated and addressed in a timely manner Forensics teams ready to respond to an emergency manner. IBM Insight Forum 09 Make change work for you ®
  11. 11. New Tivoli Security Solutions solve real 11 customer challenges Provide efficient and Identity d Id tit and compliant access for Access right people to right resources at right g Assurance A time Protect integrity and Data and confidentiality of Leading Energy Application business data and Utility transactions from Security browser t di k b to disk Secure and audit Security y critical business Management services with your most trusted and for z/OS resilient platform IBM Insight Forum 09 Make change work for you ®
  12. 12. 12 Issues Select IBM Security Offerings Increasing number of industry and regulatory Audit Readiness Workshops and requirements Assessments: Security Health check, Security Workshop, Security Risk Reputational and financial risks of non- Assessment, Compliance Assessments compliance Controls Effectiveness Assessments: Cost of preparing for audits and assessments Penetration Testing, Regulation-specific Assessments Risk & Difficulty determining and documenting effectiveness of controls Controls and Governance Services: IBM ISS Compliance Governance Services for compliance and Management Internal policy violations regulatory se v ces, Information Secu ty egu ato y services, o at o Security Framework Audit findings Compliance Management and Reporting: Tivoli Compliance Insight Manager, Tivoli “How can I improve my zSecure Audit, IBM Compliance Warehouse, security and IBM Records Manager compliance risk li i k Values posture? How do I prepare for security Demonstrable policy enforcement aligned to regulations, standards, laws, agreements audits without a Decreases reputational risk and penalties and fines for non-compliance significant effort and also address any y Enables cost effective audit and assessment preparation by automating reporting and findings or documentation efforts d i ff deficiencies?” Provides visibility into controls effectiveness and policy violations, reducing risk of internal and external threats Improves security posture to reduce audit findings IBM Insight Forum 09 Make change work for you ®
  13. 13. Which best describes your current Identity & Access 13 Management capability? Select the most appropriate answer 1. Users sign on to individual applications, minimal infrastructure exists for security monitoring and auditing. 2. Multiple user registries and access control policies are defined in multiple places. 3. A consistent practice and a consistent infrastructure for access control are implemented. Provisioning of account information is policy based policy-based and consistently applied. 4. Identity and access management are tied to the employee life cycle in the organization Automated policy-based organization. policy based administration of users' accounts streamlines administration across the organization. IBM Insight Forum 09 Make change work for you ®
  14. 14. 14 PEOPLE AND IDENTITY Issues Select IBM Security Offerings Understanding the identity risk gap Identity Lifecycle Management: Tivoli Identity and Access Management solution, Cost of administering users and identities in- Tivoli Security Management for z/OS house h solution Privileged user activity unmonitored High-Assurance Digital Identities: Trusted Manage Dormant IDs or shared identities being used to Identity Initiative Identities and inappropriately access resources Identity Audit: Tivoli Compliance Insight Manager, Tivoli zSecure Audit Access Failing F ili an audit dit Identity Services: Identity & Access Design and Implementation Services, ISS Managed Identity Services, Identity Risk and Investigation Solution (IRIS) and other GBS Security services “How can my How Values business benefit Reduces the cost, increases efficiency and enables audit-ability of managing flow of users from management entering, using, and leaving the organization of digital identity?” Decreases risk of internal fraud, data leak, or operational outage Supports globalization of operations Enables shift from traditional brick & mortar sales to delivery of on-line services to customers and partners across the globe Improves end-user experience with Web-based business applications by enabling such activities such as single sign-on IBM Insight Forum 09 Make change work for you ®
  15. 15. 15 DATA AND INFORMATION Issues Select IBM Security Offerings Data stored on removable media that can be Data Loss Prevention: ISS Data Security and Data Prevention lost/stolen Loss Prevention solution Data stored in the clear is easily accessible Protecting Data at Rest or In Transit: Tivoli Application and Data Security solution, Inconsistent data policies WebSphere MQ Extended Security Edition, Unstructured and/or unencrypted data WebSphere DataPower Appliances Protect Data Legal, regulatory and ethical exposure f the L l l d hi l for h SIEM: Ti li C Tivoli Compliance I i ht M li Insight Manager, ISS organization SiteProtector and Costs of data breaches, notification, brand Data Encryption: Tivoli Key Lifecycle Manager, Information value encrypted tape and disk drives Failing an audit Data Classification: InfoSphere Information “How can I reduce the Analyzer, Cognos, Analyzer Cognos Enterprise Content cost and pain Management, Discovery and Classification, , IBM associated with Records Manager tracking and controlling Unstructured Data Security: Tivoli Access who touched what data Manager when? How do I assure Data Confidentiality: Optim Data Privacy solution, that my data is Lotus P L Protector f M il S for Mail Security i available to the business, today and Security Services: ISS Professional and Managed Security Services, Security Event and Log tomorrow?” Values Management Services Reduces the cost increases ability to meet audit and compliance mandates cost, Provides a cost-effective way to meet legal discovery, hold and retention requirements Assures data is available to the right people, at the right time Assures data is not deliberately or inadvertently taken, leaked, or damaged Decreases number and complexity of controls integrated within the enterprise p g p IBM Insight Forum 09 Make change work for you ®
  16. 16. 16 APPLICATION AND PROCESS Issues Select IBM Security Offerings Web applications #1 target of hackers seeking to Application Security: Rational AppScan, exploit vulnerabilities Rational AppScan Malware Scanning, IBM Web Application Module WebSphere Increasing number of attacks via XML scripting DataPower A li D t P Appliances and virus insertion Secure Web Application Controls: Tivoli Access Manager Applications are deployed with vulnerabilities Applications Messaging Security: Lotus Domino Poor security configs expose clients to business Messaging, WebSphere MQ File Transfer loss Edition, IBM ISS Mail Security solutions PCI regulatory requirements mandate application Security for SOA: WebSphere DataPower, security Tivoli Security Policy Manager, Tivoli 80% of development costs spent on identifying Federated Identity Manager, WebSphere and fixing defects Services Registry & Repository Real and/or private data exposed to anyone with Application Security Services: ISS “How can my business access to development and test environments, Application Security Risk Assessment benefit from including contractors and outsourcers Services , ISS M S i Managed S d Security S i Services i management of application security?” Values Reduce risk of outage, defacement or data theft associated with web applications Assess and monitor enterprise-wide security policy compliance enterprise wide Improve compliance with industry standards and regulatory requirements (e.g., PCI, GLBA, HIPAA, FISMA…) Improve ability to integrate business critical applications securely Automated testing and governance throughout the development lifecycle, reducing long-term security costs IBM Insight Forum 09 Make change work for you ®
  17. 17. 17 NETWORK, SERVER AND END POINT Issues Select IBM Security Offerings Mass commercialization and automation of Threat Mitigation Th t Miti ti : ISS N t Network I t k Intrusion i threats Prevention, WebSphere DataPower Appliances, Parasitic, stealthier, more damaging attacks ISS Server Intrusion Detection and Prevention products powered by X-Force®, ISS Endpoint Poor understanding of risks in new Security Control, Network Mail Security, technologies and applications, including Vulnerability Management and Scanning virtualization and cloud SIEM: Tivoli Compliance Insight Manager Manage Weak application controls Security Governance: Regulatory assessments and Infrastructure Lack of skills to monitor and manage security inputs remediation solutions, Security architecture and policy development Security Compounding cost of managing an ever increasing array of security technologies Incident Response: Incident Management and Emergency Response services Undetected breaches due to privilege access misuse and downtime from incidents Virtualization: Proventia Virtualized Network Systems Storage Security Inability to establish forensic evidence or demonstrate compliance Security Services: Security Intelligence and Virtual Network Advisory Services, Managed Intrusion Prevention and D t ti d Detection, M Managed fi d firewall services, ll i “How does my business Values Security Event and Log Management Services benefit from Reduces cost of ongoing management of security operations infrastructure security protection?” Improves operational availability and assures performance against SLA, backed by industry’s only guaranteed SLA for managed protection services Increases productivity by decreasing risk of virus, worm and malcode infestation Decreases volume of incoming spam Drill down on specific violations to quickly address resolution Readily show status against major regulations IBM Insight Forum 09 Make change work for you ®
  18. 18. 18 IBM professional security services Proven integrated lifecycle methodology that delivers ongoing security solutions Phase 5: Education Phase 1: Assessment IBM ISS P d t C Product Courses Threat Miti ti Th t Mitigation – On-site & off-site classes Governance Risk and Compliance Data Security Identity & Access Phase 4: M Ph Management t Physical Security and Support Application Security Staff Augmentation Emergency Response Phase 2: Design Service Policy Development Incident Response Planning Standards and Procedures Development Phase 3: Deployment 3 Implementation Planning Implementation and Optimization Migration Services IBM Insight Forum 09 Make change work for you ®
  19. 19. Analysts Recognize IBM Security Leadership 19 Gartner Leadership G d hi Forrester Leadership F t L d hi Security Information & Event Management Magic Managed Security Services Wave (October 2007) Quadrant (May 2009) Risk Consulting Services Wave (June 2007) Web Access Management Magic Quadrant IDC Market Share Leadership (November 2008) #1 Identity & Access Management (2008) User Provisioning Magic Quadrant (August 2008) #1 Identity Management Provider (2007) Master Data Management for Customer Data #1 Security & Vulnerability Management Software Magic Quadrant (July 2008) Worldwide (2007) Managed & Professional Network Service #1 V l Vulnerability A bilit Assessment S ft t Software W ld id Worldwide Providers, North America Magic Quadrant (May (2007) 2008) #1 Application Vulnerability Assessment Software Business Intelligence and Performance Worldwide (2007) Management Services, North America Magic Quadrant (May 2008) Frost & Sullivan Leadership Managed Security Service Providers, APAC Managed Security Services (2008, 2009) Marketscope – Strong Positive (May 2008) North American Network Security Infrastructure Managed Security Service Providers, Europe Protection Company of the Year (2008, 2009) Marketscope - Strong Positive ( ay 2008) a e scope S o g os e (May 008) North American Video Surveillance Software FilesX – Cool Vendors in Data Protection (March Developer Company of the Year (2008, 2009) 2008) #1 Vulnerability Assessment Provider (2006, Network Intrusion Prevention System Appliances 2007, 2008) Magic Quadrant (February 2008) IDS/IPS Market Leader (2007) Managed Security Services Providers, North Global Application Security Product Line Strategy America Magic Quadrant (August 2007) Award (2008) IBM Insight Forum 09 Make change work for you ®
  20. 20. 20 Tivoli is established leader in IAM and SIEM markets #1 Identity and Access Management Market Share (IDC) – past 3 years #1 SIEM Market Share (Gartner) Over 2,700 customers worldwide IBM Insight Forum 09 Make change work for you ®
  21. 21. 21 IBM: Comprehensive Security Risk & Compliance Management The only security vendor in the market with end- to-end coverage of the security foundation 15,000 researchers, 15 000 researchers developers and SMEs on security initiatives 3,000+ security & risk management patents 200+ security customer references and 50+ published case studies 40+ years of proven success securing the mainframe environment IBM Insight Forum 09 Make change work for you ®
  22. 22. 22 IBM Insight Forum 09 Make change work for you ®
  23. 23. 23 Thank you o Questions? IBM Insight Forum 09 Make change work for you ®