IBM Tivoli Security Management Blog
Jeanette Fetzer 0600009SUT email@example.com Tags:  security management vulnerability 2 Comments 1,638 Visits
Last week, IBM announced our intent to acquire BigFix. I wanted to point this out in case any of you missed this while on vacation or working furiously to get ready to go on vacation. This is exciting news! BigFix is a leading provider of security configuration and vulnerability management, systems lifecycle management, endpoint protection and power management. These capabilities will strongly complement IBM's service management portfolio to simplify IT operations and security, to deliver a single integrated architecture for endpoint management.
As business models spread out and the workforce is increasingly global and mobile, it is a large task to stay ahead of threats, ensuring that configurations are set to reduce vulnerabilities and that security patches are deployed in a timely fashion. This can be labor intensive or prone to incomplete coverage. Endpoints are where your employees and team members are getting the job done - recording transactions, designing products, helping customers, working on plans. This is where your enterprise value begins, with the generation of and collaboration with information on these systems spread around your enterprise and even the world. These systems are not contained in one area and can be out of reach from physical contact with the IT organization. But they come and go from your network daily. A poorly protected endpoint can have a vulnerability exploited that can not only impact the system itself, but potentially serve as an entrypoint for malware to enter the enterprise network.
BigFix provides real-time visibility and control of endpoints across a large number of computing platforms. This acquisition is intended to close later this year. Adding this to IBM's already strong service management portfolio will help clients improve the management of both their IT and operational assets. Enterprises can look to IBM for these solutions to help improve service delivery and overall business performance while helping to save time, labor and expense.
Read more about the acquisition here: http://www-03.ibm.com/press/us/en/pressrelease/32026.wss
Kelly Schupp 06000132TN firstname.lastname@example.org Tags:  compliance-management ism-jams security tivoli compliance insider-threat identity ibm management iss 1,159 Visits
On October 13th, speakers Jeff Crume, IBM Distinguished Engineer and IT Security Architect, IBM World Wide Tivoli Tiger Team and Jim Goddard, Business Development Executive, IBM Internet Security Systems addressed issues around Mitigating insider threats through proactive identity management
We've excerpted the following questions and answers from the live Q&A segment of this Jam.
1. What if I need authentication that is stronger than the userids/passwords?
Both Tivoli Access Manager for e-business and Tivoli Access Manager for Enterprise Single Sign-On support second factor authentication mechanisms such as smart cards, one time password tokens and biometrics.
2. How does the security logging work to ensure collection and analysis is done in a forensically sound manner?
One of the most important aspects of log analysis is to ensure that any analysis does not occur on the original log file. Tivoli Compliance Insight Manager does that by archiving the original log file thereby not contaminating the event source. This is something often overlooked with custom code.
3. If a user's SSO password is compromised, are all his applications now accessible via that account and password?
It is likely that users are already using one password for all their accounts in order to minimize the complexity of password management so this risk already exits. However, another option to minimize the risk is to use a second factor to strengthen authentication.
4. What are some of the ways to recertify access?
Tivoli Identity Manager comes with pre-built workflows to perform a recertification of all users for a given service. You can configure the actions to take such as deactivate or mark only if a user or manager does not recertify the account.
5. Was What kind of PII (personally identifiable information) is stored within the Identity Access Management (IAM) solution?
Whether information is considered PII must be judged at a local level based on regulations and policy. However, some elements the personnel feed will include might be name, country and address. It is a best practice to not include sensitive information in the feed such as social security numbers.
6. What about authentication of a user who logs in from multiple systems at multiple locations?
In some cases this behavior may be desirable but if this is not the case, Tivoli Access Manager for e-business has a Session Management Service which can be configured to restrict simultaneous logins.
7. Does TIM work with Domino Servers?
Yes. Tivoli Identity Manager also supports provisioning email accounts on Microsoft Exchange as well as many other IBM and non-IBM applications, data bases, operating systems, etc.
8. Is there a Best Practices Guide available for customers to use as a roadmap for planning a security deployment?
IBM Redbooks are an excellent source of practical information on best practices for configuring, customizing and implementing Tivoli security solutions. The full set of documents can be found at www.redbooks.ibm.com or an informal listing of Tivoli security-related content can be found at extranet.lotus.com/crume.
You can access the replay, podcast and PDF slides by registering here: http://ow.ly/vrjx
About ISM Jams
IBM Service Management Jams are weekly webcasts that address the hottest service management topics on a variety of levels from technological thought leadership to product tips and tricks. Jams air Tuesdays at noon EST, are available on-demand within 24 hours and are accessible for one year. ISM Jams are led by Wendy Whalen, ISM Jams Program Manager, Tivoli.
"It's the eye of the tiger, it's the thrill of the fight" EMA sees a promising future for the IBM Security Tiger Team
Lauren Mullins 270000QCXM email@example.com Tags:  data-security cloud cloud-security security virtualization pulse single compliance-management risk-management sign-on application-security compliance encryption key-management risk insider-threat management identity-management 1,587 Visits
IBM is rising up to the challenge to meet customer needs of purchasing integrated security solutions with its recently announced IBM Security Tiger Team. Last year IBM announced its security framework in order to unify its security message to the market. Now, IBM has made a bold move by creating a cross IBM Security Tiger Team, run by Kent Blossom, Vice President IBM Security Solutions. The Tiger Team will sell the entire set of IBM security capabilities spanning software, hardware and services, represented in the IBM Security Framework. The team will assess risk and compliance issues facing their client's business and develop the IBM solution to move a client into a secure environment. EMA says, " For IBM, this is an important step toward revealing the company as the large and powerful security vendor it truly is."
You can access the EMA article here (it will require registration):http://ow.ly/umqk
Kelly Schupp 06000132TN firstname.lastname@example.org Tags:  risk compliance encryption virtualization cloud-security security identity-management single sign-on management application-security pulse cloud data-security key-management 1 Comment 1,940 Visits
Today I spoke with Jeanette Fetzer, who is leading the security, risk and compliance management track at Pulse 2010. The topic of our discussion was the Call for Papers that is taking place now for Pulse 2010. Jeanette is looking for customers, partners and analysts to submit proposals. See below what will catch Jeanette's eye when submitting abstracts.
What are hot topics in the area of Security, Risk and Compliance Management right now? Which topics would you really like to see presented at Pulse?
Security, Risk and Compliance Management is a broad topic area that covers managing people and identities, securing applications and information as well as the infrastructure. We plan to have a variety of topics on the Pulse agenda that spread across this spectrum. Some hot topics we know customers want to exchange ideas on include Privileged Identity Management, Role Management, Application Security, Data Security, Virtualization and Cloud security, Encryption and key management and datacenter security. Last year, we witnessed some really valuable exchanges in the sessions where presenters shared how technologies like Federation or Single Sign On helped reduce costs in their businesses or extend their business models cost effectively.
Who are good candidates for submitting abstracts? And why?
We are interested in abstracts from customers, partners and analysts who are familiar with today's security challenges and how IBM's security solutions help to address those challenges. We'd like speakers who can share real world experience from selecting the IBM solution to implementing it with their fellow attendees.
What are you looking for in a good proposal?
A good proposal should have a strong title that is indicative of the content of the session. The abstract should offer in 150 words or less some insight into the security and enterprise challenges you faced and how you solved them with IBM security solutions. Please try to steer clear of using lots of acronyms. You may wish to highlight your industry or the size of your deployment or some exciting statistics about your implementation like number of users, employees or customers served, managed systems, geographic locations involved in your deployment or cost savings anticipated or realized. Attendees are interested in best practice and "lessons learned" discussions as well as some sharing of architecture ideas.
What are the benefits of submitting an abstract for Pulse?
Your paper may be published in the Pulse 2010 proceedings and you will have the opportunity to present as part of the formal agenda. All accepted client speaker submissions will receive a full conference pass* ($2195 value) and admission to our on-site VIP client lounge. For more information on submitting abstracts for Pulse, visit http://ow.ly/r4ej