IBM Global Technology Services IBM Security ServicesThought Leadership White PaperLeveraging security from the cloudThe who, what, when, why and how of cloud-based security services
2 Leveraging security from the cloudIntroduction security from the cloud offers customers the best of bothToday’s executives understand the need for information worlds. They gain access to sophisticated security technologysecurity but still struggle to manage the cost and complexity of and up-to-the-minute security intelligence without the capitala myriad of security technologies for everything from threat expense, overhead and management responsibility associatedprevention to email security, vulnerability scanning and with on-premise solutions.security event and log management. While important to acomprehensive security strategy, implementing and managing Discovering the “who, what, when, where, why and how” ofthese solutions can divert IT resources from other critical ini- cloud-based security services reveals how security can be usedtiatives. And organizations with smaller budgets may not even to reduce risk, optimize resources, improve ﬂexibility andbe able to consider sophisticated defense-in-depth security address regulatory requirements—without breaking the bank.solutions. Cloud computing provides a delivery model forsecurity that addresses many of these challenges for businesses Who beneﬁts from security delivered vialarge and small. the cloud? Security threats and weaknesses do not recognize verticalCloud computing is a ﬂexible, cost-effective and proven deliv- industry boundaries or discriminate between small and largeery platform for providing business or consumer IT services companies. However, advanced security technologies are usu-over the Internet. Cloud resources can be rapidly deployed ally conﬁned to larger organizations with the budget andand easily scaled, with all processes, applications and expertise required to install, manage and monitor advancedservices provisioned “on demand,” regardless of user enterprise solutions. As a result, many organizations lack pro-location or device. As a result, cloud computing helps tection against new threats based on a shortage of resources,organizations increase service delivery efficiency, streamline not for intent or negligence.IT management and better align IT services with dynamicbusiness requirements. Cloud-based security services beneﬁt the largest enterprises, as well as small and medium-size businesses. Relative to on-When it comes to delivering information security, cloud com- premise security software, cloud security requires little to noputing provides several advantages relative to on-premise up-front capital investment and deployment costs; and thesecurity software and appliances. Cloud-based security services cloud delivery model lowers ongoing operational management(otherwise known as hosted security or security software as a costs. It also satisﬁes risk management needs acrossservice) provide security functionality over the Internet. The industries—from government to retail to manufacturing.customer does not take ownership of security applications butrather subscribes to a total solution that is delivered remotely. In addition to reducing costs and addressing risk managementThere are no hardware/software licenses to purchase and no requirements, cloud security services help to enable a cus-associated maintenance fees. The cloud delivery model also tomer’s limited operational resources to direct their effortshelps reduce security complexity as organizations will not be towards more strategic initiatives that drive real businessfaced with a proliferation of security devices and technologiesto manage, conﬁgure and patch. In many ways, consuming
IBM Global Technology Services 3value. Compared to traditional, on premise security imple- Traditional approaches to security require the purchase ofmentations, organizations leveraging the cloud spend less time multiple security technologies and management systems, alongmanaging systems, troubleshooting technical problems, and with manpower for integration, conﬁguration and patching.responding to the most recent security threat. Cloud-based services reduce those expenses and provide an ideal delivery method for many external security functions,What are cloud-based security services? including:Cloud-based security services are delivered remotely to pro-vide security functionality and intelligence from a remotely ● Vulnerability scanninglocated provider. They combine managed services, technology ● Web/URL ﬁlteringand security intelligence to integrate security with existing ● Security event managementbusiness processes, prevent attacks and misuse, address key ● Security log managementstakeholder demands, and meet environmental changes. ● Email securityCloud-based security services enable clients to perform rou-tine security activities more efficiently and cost-effectively by In addition to security functionality, cloud-based securityutilizing technology and infrastructure provided by a trusted services also provide up-to-the-minute security intelligencethird party. They help clients contain costs with ﬂexible and analytics to keep all security technologies patched and up-pricing based on usage. The cloud security service provider to-date. For example, a company that purchased an emailtakes responsibility for application functionality, deployment, security appliance three years ago may face challenges keepingperformance and maintenance, liberating the client from these the security software updated or risk making the softwareburdensome activities. obsolete. By using cloud-based security, the service evolves over time, always up-to-date with the latest functionality andCloud-based security services offer the following advantages software content.over traditional security deployments: When do cloud-based security services● No expensive, on-premise security hardware to purchase, provide a real advantage? install and maintain The ﬂexibility of cloud-based security services can transform● No stand-alone software to constantly update and patch the way businesses operate, aligning security with evolving● Rapid deployment and self-service through a web-based business requirements like never before. The cloud-based portal advantage becomes clear whenever organizations experience a● Ability to scale and expand security coverage quickly, with- change causing them to reassess, reprioritize and reconﬁgure out investing in additional infrastructure security. For example: it provides security and business process● Flexible, service-oriented pricing and service level advantages in the event of new government regulations, an agreements acquisition, or the addition of a new business unit and/or sys- tem. In such cases, cloud security services work ﬂuidly in a changing IT environment without requiring the customer to divert valuable IT and security resources from other critical initiatives.
4 Leveraging security from the cloudWhere do cloud-based security services make better educated business decisions about how to reducework best? risk. The cloud security service provider does the heavy liftingWherever businesses have Internet connectivity and want to and the day-to-day busy work, but the customer maintainsprotect information assets, cloud security services will work. control of security posture.Whether applied globally, at corporate headquarters or onlyfor remote locations, the choice is driven by business require- With cloud security services, customers have a consolidatedments. Companies don’t have to commit to a large-scale view of business security posture, and a central resourcedeployment with cloud security services. Instead, they can (a security portal) for security-related information. Securityselectively test the delivery model by starting with hosted event data is only valuable if businesses can analyze it in ordersecurity at a particular location or for a certain segment of the to take corrective action. With a consolidated view of securityIT infrastructure, while still managing other aspects of secu- posture delivered via the cloud, businesses now have therity internally. Regardless of whether a business chooses cloud ﬂexibility to report on the number of remediation taskssecurity services to protect a single data center or the entire assigned and completed, the number of vulnerabilitiesIT infrastructure, it will have access to all cloud security reduced, and the cost savings associated with cleaner trafficservice capabilities, including advanced analysis and correla- and more efficient use of bandwidth.tion, artiﬁcial intelligence, industry-leading security expertiseand a web-based management portal. The ﬂexibility and robustness of a cloud security services por- tal also improves regulatory compliance efforts. The informa- tion needed for annual audits—vulnerabilities, security events,Why do organizations need cloud-based log ﬁles, etc.—is captured and maintained in a forensicallysecurity services? sound manner. For auditing and investigation, the informationCloud security services provide protection in a simpler, more can be accessed from the central portal faster and easier thanefficient and inexpensive manner that empowers customers to having to pull from various management consoles.focus resources on their primary business. The cloud-baseddelivery model can transform an organization’s approach to The cloud-based delivery model leverages existing technologysecurity, making security decisions more strategic and aligning investments such as routers, application servers and securitysecurity technology with evolving business requirements like software. Cloud security services scale for growth, staffnever before. With a centralized portal view of security that changes and shifts in business focus. This approach speedsalso provides integrated security intelligence, customers can time to protection, reduces demands on internal resources, enhances proﬁtability and increases focus on operational excellence.
IBM Global Technology Services 5How to select a cloud-based security the forefront of security technologies like vulnerabilityservice provider? assessment, intrusion prevention and virus prevention. AndAn effective service provider possesses the right combination IBM was a pioneer in offering cloud-based vulnerability man-of service delivery experience, managed services, technology agement, security event and log management and in providingand security intelligence. Cloud security services should be clients with a web-based centralized customer portal for alldelivered by security-focused experts that offer: their cloud-based services as well as their device management managed security services.● Proven experience delivering security functionality via the Internet This portal, called the IBM virtual security operations center● A central portal where customers can view their security (Virtual-SOC) customer portal, gives clients better visibility posture at any time and control over their entire security infrastructure.● A complete managed security services platform including Customers use the Virtual-SOC portal as their single device management and cloud-based security services command and control center for all their IBM cloud security● A full suite of security technology for the entire IT services as well as their device management managed security infrastructure services. The secure web-based portal empowers clients with● Real-time, proactive security intelligence on threats and the intelligence, tools and capabilities necessary to make real- vulnerabilities time decisions to improve their security posture. This feature-● The ability to work with existing infrastructure and security rich portal provides organizations with a centralized command technologies center for monitoring and controlling their security operations● An understanding of how risk management affects business across the entire enterprise. Available anytime, anywhere, the processes like application deployments, compliance manage- Virtual-SOC portal integrates security intelligence from the ment, supply chain and more IBM X-Force® security intelligence team, early-warning● A strong audit and compliance posture that ensures align- threat analysis services, customized reporting and interactive ment with your organization’s needs client/security operations center communications enabling● A global delivery footprint that provides global geographic collaboration between clients your organization and their team coverage and continuous service availability of the IBM security experts. IBM security products and services are based on the proactiveCloud-based security services from security intelligence of its X-Force research and developmentIBM Managed Security Services team—the unequivocal world authority in vulnerability andIBM has been at the forefront of cloud computing since its threat research. In addition, IBM has the business expertise toinception. And IBM is a proven provider of cloud security help customers align security and risk reduction with existingservices with nearly a decade of experience using this delivery business processes.model. As the trusted security advisor to thousands of theworld’s leading businesses and governments, IBM has been at