One of the trends that we are seeing today is the convergence of security management and systems management.The better job you can do managing your infrastructure, the better equipped you will be to define and enforce security policies and controls across that infrastructure.There are few places where this convergence is more evident than the endpoint.
As the notion of a perimeter disappears, and we see the continued proliferation of an increasing number of traditional and non-traditional endpoints, such as servers, desktop PCs, laptops, ATMs, point-of-sale devices, and self-service kiosks, organizations are looking for a comprehensive approach to how they best manage and secure all of their endpoints.This includes, but is not limited to, identifying all of the endpoints that you have in your environment, managing the complete lifecycle of that endpoint, providing continuous security and compliance, effectively deploying patches in a timely manner and finally, managing the power usage of that endpoint.
Tivoli Endpoint Manager, built on BigFix technology, can address all of those needs, but in this blog, I want to focus on that last piece of the conversation, because it is one that does not immediately come to mind when people are typically thinking about the most critical elements of managing an endpoint.However, we have seen that effective power management is something that can actually pay for all of the other benefits that Tivoli Endpoint Manager can provide.You can ultimately end up saving money, the environment, and in the process, deploy critical security and systems management controls across all of your endpoints (even the ones you didn’t originally know you had).
In a recent article (click here), Penn State wrote about their deployment of Big Fix (now called Tivoli Endpoint Manager) and indicated that it could save them about $800,000 annually.At a large university like Penn State, they have thousands of computers that can be included in their power management initiative, and many of these computers are only heavily used during peak hours.Tivoli Endpoint Manager allows the Penn State IT staff to automatically put these computers in sleep mode when they aren’t in use.They are anticipating not only a significant ROI (about $800,000 annually), but are also hoping to reduce the amount of carbon dioxide released into the atmosphere by 60,000 tons.
One of the objections that people often bring up when it comes to power management for the endpoint is that it can interfere with the patch process.This is one of the areas where the convergence of security and systems management is so important.The policies that you create and enforce from a systems management perspective need to work hand-in-hand with the policies related to security management.For that reason, Tivoli Endpoint Manager was built on the core concepts of convergence, scalability and granular policy setting.It allows an IT staff to automatically wake computers at a designated time, apply required patches or enforce configuration policies, reboot, and then bring the endpoint back down to a hibernated, low energy state, or shut it down altogether.
The Chichester School District (click here) provides yet another great example of power management savings. This regional school district in Delaware County, Pennsylvania, manages more than 2,000 Microsoft Windows desktops and 50 Microsoft Windows servers throughout a six-school network.The Chichester School District implemented energy conservation using the power management capabilities of Tivoli Endpoint Manager to help reduce computing energy costs by 70 percent. Their IT team also uses the distributed “Wake-on-LAN” functionality to distribute and install patches to those machines that are turned off at night. This allows for a reduction of energy resources and confirms machines are securely patched—without impacting employee productivity.
The integrated patch and power management capabilities of IBM Tivoli Endpoint Manager provides IT staff with real-time information on remote endpoints to simplify patch processes, conserve energy and reduce on site troubleshooting.
So, I was at Pulse this year and was the source of a pretty constant ridicule for carrying around what felt like a fifty pound laptop bag.It was horrible, and inconvenient, and not even effective.I had hard copies of schedules that were out of date about 30 seconds after I clicked print.By the end of the conference I had calluses on my fingers and I couldn’t walk more than about ten steps without having to change hands.It was really a constant reminder that I need to go to the gym more.
Anyway, interestingly enough, most vendors in the endpoint security space have basically adopted this same approach in designing their technology.Incoming attacks get blocked by signatures, and in order to keep you “prepared,” some companies just create and update these huge signature files, shoot them across the network, fold their hands and hope they get properly installed, and then get right back to work because the files they just sent are more or less immediately out of date.I can tell you from experience that lugging around a bulky bag of incomplete, outdated information is no way to do your job.It’s also no way to keep your employees, and by extension, your company, ahead of threats.
What companies need to do is focus on what a defense-in-depth of the endpoint would really look like.It means you need a lot of things.You need to have antivirus and firewall protection.You need a patch process that actually works.You need centralized policy management that is easily enforceable.And, of course, you need all of this in real-time.Until recently, that also meant you needed a lot of aspirin.
With its acquisition of BigFix last July, IBM basically invested in the convergence of security and systems management, two pieces of the operational infrastructure that will continue to become more intertwined.You can’t just write the policy, or obtain the patch, you also need to be confident that these changes and updates are continually being enforced at every single endpoint.Try automatically applying patches to computers that aren’t turned on and you’ll pretty quickly understand why convergence is so important.
Up until this week there were four offerings that were part of the Tivoli Endpoint Manager suite of products, all of which are managed under the same roof.We have solutions for lifecycle management, security and compliance, power management and patch management.This week, we were pleased to announce Tivoli Endpoint Manager for Core Protection, a solution designed to add another layer of depth to your endpoint security posture.Tivoli Endpoint Manager for Core Protection is the result of the relationship between IBM and Trend Micro, and offers the real-time, lightweight threat protection that other endpoint security solutions can’t really compete with.
I spoke earlier about how other vendors were sending these huge signature files across their network, files that were outdated before you even figured out how to install them on your PC.Tivoli Endpoint Manager for Core Protection is different because while it does employ the use of some signature files, it also leverages the cloud to reduce the amount of information that needs to be sent across the network and also provides the real-time protection that static signature files cannot.As the cloud is updated with the latest threat information, so too are all of the endpoints that are in conversation with that cloud.
This has proven to be extremely effective. In a recent third party test, the Trend Micro technology blocked 100% of all incoming malware (the second place competitive product came in at 77%) by taking a multi-layer approach. Nearly all (97.5%) of the malware was detected and blocked in the first layer (URL reputation) and the remaining pieces of malware were blocked in the two subsequent layers of defense. Now, here's where it gets even more impressive. An hour after the original test, they again tested just the malware that got through URL reputation, but this time it did not get through even that first layer of defense. This is protective technology that is updating and hardening its defenses as new threats come in.
I don't think I really need to explain the importance of endpoint security to anyone reading this. We all have different things at stake, whether it's your back accounts, your music collection, confidential information for work or even just a photo album. What I can say is that 77% isn't good enough when it comes to protecting any of those things.
The strength of Tivoli Endpoint Manager is that it combines first-rate security with the systems management capabilities needed to ensure that protection is deployed across the entire infrastructure. When it comes to endpoint management, it's about no longer looking at technology in silos, it's about understanding why and how we can integrate different complementary offerings. Tivoli Endpoint Manager is built on that philosophy.
For more information about Tivoli Endpoint Manager, please visit:
Today's post comes from Sandy Hawke, Manager IBM Security Solutions.
I recently presented to the ISACA community on a live webinar. I focused the discussion on how to leverage automation to improve endpoint security and compliance. The archived webinar is available here. Just as a brief background, ISACA is an international professional association that focuses on all aspects of IT Governance and has over 95,000 members worldwide.
The online event drew a pretty substantial audience which is good, and yet a bit surprising in two key ways. First of all, many of the recommendations I made to the audience were not radically new concepts, but basic foundational controls that all security professionals agree are critical for achieving and maintaining solid security and demonstrable compliance. So haven't they heard this story before?
Maybe not. And that's the second observation. Most of the ISACA membership is in the IT audit/Risk Management line of business. While they're not the folks who are implementing security technologies on a daily basis (i.e. "hands at keyboards")- they are keen to understand how security is implemented, how it works, how automation can be used to facilitate audits, etc. And that's the new trend we've been witnessing. While the audit team knows what the policy controls should be, they may not know if/how these controls get enforced, maintained, monitored and reported on- essentially how security is "operationalized." The more that they know what's possible with respect to security operations and automation, the better they'll be at knowing what questions to ask IT operations during audits, what technologies to recommend, etc.
Years ago, the IT Audit/Risk Manager organization and activities were kept quite separate from the IT Operations/IT Infrastructure teams. And at the time there were pretty good reasons to keep these groups as distinct as possible- you've all heard of "keeping the fox out of the hen house" analogy, right? The IT Audit/Risk Mgmt teams could set and enforce policy and conduct assessments that wouldn't be influenced by the operations staff. Well, with the advent of converging technologies, economic trends, and the increased importance of measuring security investments and compliance program- in real time, these groups are coming together. More so than ever before.
And technologies that can foster that type of trust, cooperation, and collaboration are indispensable.
When IBM first kicked off the Dynamic Infrastructure announcement at Pulse 2009 conference, we heard some rumblings on whether Dynamic Infrastructure was just another executive buzzword or if there was real meat behind "the concept."
Doug McClure summarized the feeling well in his blog: “While this is great for executive level folks, I think we needed to drive this message into consumable and actionable things that lower level technical attendees could take back to their companies. They may be the ones who need to execute and show how previous or planned investments could help their company become smarter and more dynamic.”
After IBM’s announcement yesterday on new Dynamic Infrastructure offerings, critics will be hard-pressed to wonder whether Dynamic Infrastructure is actionable.Not only did IBM announce new products and services in the areas of Information Infrastructure, Virtualization, Service Management, and Energy Efficiency, but they also demonstrated how these solutions are helping three of our clients--the Taiwan High Speed Rail Corporation, Tricon Geophysics and the United States Bowling Congress--build new, more dynamic infrastructures to help reduce costs, improve service and manage risk.
A key piece of the announcement is the IBM Service Management Center for Cloud Computing, which now includes new IBM Tivoli Identity and Access Assurance, IBM Tivoli Data and Application Security, and IBM Tivoli Security Management for z/OS, for Cloud environments. I don’t know about you, but all that’s more meat than this vegetarian can handle. :)
To continue driving home the Dynamic Infrastructure success, IBM is sponsoring a variety of events for the public to learn more. Register for a free, local Pulse Comes to You event to see how Service Management is a key component for enabling a DyanmicInfrastructure for a Smarter Planet.
What is IBM Tivoli Software? We know you want the short version. Steven Wright of Tivoli Software breaks it all down for us in less than 7 minutes on a white grease board. Check it out while you have your morning coffee, afternoon tea, or while you get your miles in on the treadmill or trail with your smart phone. Then visit ibm.com/software/tivoli for more details on how IBM Tivoli Software can help you run a smarter business. .
Today's post comes from Perry Swenson, Market Manager, IBM Security Solutions.
IT departments at financial services firms are under tremendous pressure to ensure servers, desktops, mobile devices and other endpoints are secure and compliant. At the same time, they’re continually looking for ways to save time and resources in areas like software licensing, patch management, asset inventory and security configuration. IBM Tivoli Endpoint Manager, built on BigFix technology, is helping these firms better understand and manage the status of their endpoints, regardless of where they’re located.
In the below video of Nate Howe, VP of Risk Management at Western Federal Credit Union talks about how Tivoli Endpoint Manager provides real-time patching for operating systems and third party applications and utilities. With over $1.4 billion in assets and 32 branches in 10 states serving more than 120,000 members nationwide, Western Federal Credit Union is one of the leading credit unions in the United States. Nate explains that they now have a single view into all aspects of the systems and security for their 400 employees, 100 servers and 2 data centers, including a better inventory of installed software. And, they can do more with fewer people, which enables them to focus less on infrastructure and more on business applications and enabling business automation.
Another customer that’s realizing benefits from Tivoli Endpoint Manager is SunTrust Banks, Inc. Based in Atlanta, SunTrust enjoys leading market positions in some of the highest growth markets in the United States and also serves clients in selected markets nationally. SunTrust has a highly distributed environment with nearly 1,800 branch locations and no local IT resources at most of those locations. Using Tivoli Endpoint Manager, SunTrust now maintains a 98.5 percent patch and update compliance rate. They’ve also decreased update and patch cycle times from 2-3 weeks to 2-3 days while increasing productivity through automation. Read the SunTrust case study here.
By enabling improved endpoint visibility and new levels of automation, Tivoli Endpoint Manager is a powerful solution to help financial services firms enhance their security and compliance.
It almost goes without saying, but, hey, I'll say it anyway...Security is top of mind for everyone these days, no matter your industry, no matter the size of your organization - and even on a personal level, too. You certainly don't have to be a security manager to be concerned about security, particularly internet security.
Case in point: Which of the following internet vulnerabilities is keeping you up at night these days?
Perhaps a more precise answer would be "All of the above plus a few more."
So, how can you stay ahead of these types of threats - understanding what the most critical and recurrent vulnerabilities are and what you can do to prevent them? One excellent source of emerging information is the IBM X-Force Research and Development team. For more than a dozen years, these security specialists have tracked well over 40,000 different vulnerabilities, from Trojan horses to malware to Web spoofing, and documented them in the world's largest and most comprehensive threat database.
The IBM X-Force researches and monitors the latest internet threat trends, develops security content for IBM customers, and helps advise customers and the general public on how to respond to emerging and critical threats. Twice a year, the team releases a detailed report discussing the latest security complexities. These reports are far more than just abstract information. They are actionable intelligence, designed to lead to more comprehensive security and a better business outcome. Take a look at the latest report.
For more information about how the IBM X-Force research can help your organization (and perhaps even keep you from losing sleep worrying about security threats), check out this Service Management in Action article.
Signing off for this week,
Your friendly roving Integrated Service Management reporter
Today's post comes from Vidhi Desai, Market Manager, IBM Security Solutions.
Today’s business environment calls for information sharing at an unprecedented scale. Sensitive information is shared between organizations, end consumers and even business partners. The biggest challenge that organizations face in doing so, is how to ensure that sensitive information is securely shared with different parties and that the right people are accessing the data. With the adoption of cloud and Software as a service deployment models, ensuring secure access is even more critical and challenging.
Consider a scenario where a government agency needs to share information with different agencies, local governments, citizens or even with other business entities (eg. Revenue agency that needs to share information with citizens and other entities like a tax preparation service). If one of the entities is operating in a public cloud environment, its becomes critical for government to ensure that right person is accessing the right data without sacrificing privacy, security or scalability (party requesting information really is the government revenue agency or tax preparer they claim to be).
Over the past couple years, we have seen how the US government has taken steps to ensure secure sharing of data between agencies with regulations such as FISMA, which was introduced in 2002, bringing attention to the critical nature of cyber security and its impact on national security.
Identity is at the core of any information sharing transaction. Hence whenever an individual attempts to access secure online sites or web portals, their identity has to be verified to ensure they are authorized to view that data. Additionally from the end user or citizen’s perspective, they should be able to set up their identity once and then log in to multiple systems without having to log in multiple times.
Federated identity management is the solution which enables multiple applications to share user credentials based on trust. This is especially critical in supporting cloud deployments for secure information sharing across private, public and hybrid clouds. With federated SSO, users can log on to the sites of multiple businesses and organizations by using the same user id and password, hence gaining a seamless and secure entry to multiple applications.
Tivoli Federated identity manager from IBM is an access management solution that provides web and federated single sign on to end users across multiple applications resulting in improved user experience. Tivoli Federated Identity Manager enables central management of access, enhanced user productivity and facilitates trust by delivering single sign on across separately managed infrastructure domains, both within an organization and across organizations.
Today's post comes from Veronica Shelley, Market Manager, IBM Security.
With IBM's October 12th SmartCloud launch, perhaps you're considering cloud computing for your organization. After all, the benefits of cloud computing are well known. Cloud computing is flexible, scalable, and cost-effective, and it's a proven delivery platform for providing business or consumer IT services over the Internet. Cloud computing can help you cut costs and IT complexity, provide new services to customers, and streamline business processes. Cloud computing is gaining in popularity and may be the wave of the future. Yet, many organizations hesitate to get started due to security concerns and confusion over how to get started.
Perceived risk versus actual risk
Cloud computing may seem new, but the fact is companies have been outsourcing services and technology for years. Providers already deliver hosted technology offerings that are located off-site with client access via the Internet. This is a common scenario for services such as remote storage or hosted email and other software as a service (SaaS) solutions. And just because companies may give up some control to the provider when they move to a cloud-based environment (just as they give up some control in any outsourced arrangement), it doesn't mean they have to compromise on security. By asking the right questions and adequate preparation, companies can build a "trust and verify" relationship with the cloud provider they are working with.
Questions to ask to ensure cloud security
It's important to remember that the same factors apply to ensuring security whether it is cloud-based or within a traditional IT infrastructure. The key difference in the cloud model is that it includes external elements, and those elements will be managed by the cloud service provider. This means companies need to understand the environment beyond their own data center and consider how it impacts the organization from a security standpoint. To help ensure security and peace of mind, as well as a good working relationship with the cloud provider, the client company should always identify and prioritize cloud-specific security risks beforehand. Often, companies will find they have the same amount of control, if not more, with a cloud service.
There are specific tactics an organization can use to enhance cloud security. For identity and access management issues, companies need to control passwords, support privileged users and enable role-based access to these cloud services. With data protection, a key concern is knowing whether or not a company's hosted data is secure, especially if data from rival companies is also being stored on the provider's cloud service. Companies should also ensure the cloud provider is deploying antivirus software on all supported systems that could be exposed to attacks, and ensuring that selected programs can identify and protect against malicious software or processes. From an auditing and monitoring perspective, companies need to determine how the cloud provider is testing and monitoring the infrastructure to meet legal and regulatory requirements.
Reaping the benefits of cloud
Organizations interested in reaping the benefits of cloud can best begin by understanding the security ramifications of a cloud deployment to their business, keeping in mind they can start small by deploying cloud in low-risk workload areas like email services. This easing-in process gives organizations valuable time to become familiar with cloud on a scale that's simpler to grasp and doesn't put them at increased security risk. And as familiarity of cloud and trust in the provider grows over time, companies can expand their use of cloud computing into other areas of business. By following this gradual path, companies can start enjoying the benefits of cloud in a way that's safe and secure.
Today's post comes from Vikash Abraham, Market Manager, IBM Security.
Virtualization has proven its business worth as a technology, however there is still limited understanding about how to secure it. To many, the question still remains - why do virtual environments need separate security when we have already secured the physical environment i.e. physical servers and the network in a data center. To answer this, it is essential to understand that the virtual environment creates a totally new layer above the physical server, which in turn, acts like a mini data center with all the complexities of multiple virtual machines, hypervisors, virtual networks and virtual appliances. The biggest risk that comes with a virtualized environment is the lack of visibility into it. Thus even if the environment is being attacked it isn’t necessary that the administrators are aware of it. Hackers are also excited with the hope of unveiling a set of new vulnerabilities that this environment could come with.
Having realized this risk of vulnerability and possible loss of millions-worth of data, the PCI Security Standard Council has come up with compliance guidelines for virtual environments. In June 2011, PCI group released ‘PCI DSS Virtualization Guidelines’ that broadly describes aspects that need to be considered while securing a virtual cardholder data environment. The guidelines consider the new entities that pop up with virtualization, such as Hypervisors, Virtual Machines, Virtual Appliances, Virtual Switches or Routers, Virtual Applications & Desktops and provide the virtualization considerations across the 12 PCI DSS requirements.
It is clear that a new approach to security is required, with concepts like ‘secure by design’ making further sense in this multilayered environment. Also, a specialized security solution would be needed to provide visibility, control and proactive protection. The solution needs to protect all entities of the virtual environment and monitor data that is being shared between these entities.
While securing virtual environments, the physical components of the data center should not be ignored. These physical components should continue to be secured as it would have been prior to virtualization. The PCI guideline points out that to ensure total security, the entire infrastructure hierarchy needs to be secured. This means that even if only one Virtual Machine (VM) is carrying cardholder data, both the hypervisor and the physical server need to be secured. Since the VM sits on the hypervisor and the physical server, a compromise to either of them can lead to the VM getting compromised.
Also with the increasing buzz around Cloud computing and Cloud-based service offerings, there would be further security requirements and considerations that need to be implemented to create a secure Cloud based cardholder data environment. However, if Cloud is considered as the next level of virtualization, the additional security required would be on top of the current virtualization considerations.
An enterprise would one day need to move on to the virtualized environment, considering the pressure to carry out continuous optimization and increase utilization. This would also mean that the ever growing cardholder data would need to move into this environment. The current deterrents that hinder this move are the lack of understanding of the environment and its security requirements to achieve a PCI compliant datacenter. However, sooner or later, the compelling business advantage of virtualization would push a CIO to take that leap.
Today's post comes from Anne Lescher, Product Marketing Manager, IBM Security.
Many enterprises run their mission critical application workloads on their mainframe systems. They would like to centralize their application security controls, security policy enforcement, data protection, auditing reporting and compliance management for a consolidated view of security. They are looking for smarter security intelligence that will help them leverage the mainframe as their enterprise security hub.
IBM Security zSecure suite V1.13 consists of multiple individual components designed to help you administer your mainframe security server, monitor for threats, enforce policy compliance, audit usage and configurations, and assist in compliance management and audit reporting.
• IBM Security zSecure Admin, Visual, and CICS Toolkit provide administrative, provisioning, and management components that can significantly reduce administration time, effort, and costs, and help improve productivity and response time, as well as help reduce training time for new administrators.
• IBM Security zSecure Audit, Alert, and Command Verifier provide security policy enforcement, audit, monitoring and compliance management components. These offerings help ease the burden of compliance audits, can improve security and incident handling, and can increase overall operational effectiveness.
New Security zSecure suite V1.13 capabilities offer enhancements for DB2, CICS, and IMS application security auditing that:
• Automates security analysis of CICS and IMS transactions and programs
• Provides automated determination of which System Authorization Facility (SAF) classes are being used by each active IBM DB2, IBM CICS, or IBM IMS subsystem
• Enhances Access Monitor and allows you to improve data consolidation
• Allows annotating userid displays with data from external human resource files such as department and employee number
• Adds globalization enhancements to support international language support and auditing
• Allows addition of your own sensitivity classification, audit concern, and priority to data set names and general resources
• Supports currency with z/OS V1R13, ACF2 R14 and R15, CICS V4R2, and Top Secret R12, R14, and R15
• Extends integration with Communications Server and provides various interface improvements
Today's post comes from Anne Lescher, Product Marketing Manager, IBM Security Solutions.
As the mainframe continues to extend support for
consolidated workloads on System z, enterprises should strongly consider
utilizing the mainframe as their enterprise data and security hub. Mainframes are uniquely able to protect
information with a rich collection of encryption capabilities that includes
self-encrypting tape and disk storage for data at rest, in addition to robust
access controls, file level encryption, database encryption, and communication
encryption protocols. Now with the mainframe’s ability to support virtual
workloads, organizations can create cloud environments with protected data
available for shared innovative collaborative ventures.
Encryption is the ultimate solution for protecting sensitive
data. But many practitioners are reluctant to utilize encryption due to
concerns of performance overhead, disruption to their operations and changes
required in their applications, and encryption key management complexity. But
the biggest fear of all is losing all access to encrypted data if the
encryption key is ever lost or forgotten.
In most cases, organizations have less and less choice over
when and how to encrypt information as more and more industries and governments
enact legislation and standards that mandate the use of encryption.
industry via HIPAA HITECH in the US protects sensitive patient
transactions mandate encrypted payment card information with PCI-DSS
financial information must be protected as regulated by SOX, GLBA, etc.
notification regulations include 45 US
states, national laws protecting
their citizens data such as in Italy, the recent rules
changes for the EU Directive on Privacy and Electronic Communications,
So a superior encryption key lifecycle management solution
is essential in order to implement the best end-to-end security which protects
enterprise mission critical data and sensitive personal information.This solution should include standards based
key management and help:
Centralize and automate encryption key management process
Work with hardware based encryption built into a
variety of IT components like self encrypting tape and disk drive
Reduce the number of encryption keys to be
managed through techniques like key wrapping of unique keys per device
Simplify encryption key management with an
intuitive user interface for configuration and management
Maintain performance by using hardware
acceleration and not slowing down data access paths
Facilitate compliance management of regulatory
standards with proof of encryption for safe harbor from disclosure requirements
Leverage open standards like the OASIS standard
Key Management Interoperability Protocol (KMIP) to give the choice of best of
breed components and facilitate vendor interoperability
Operate transparently without requiring code
IBM Security Key Lifecycle Manager for z/OS allows enterprises to fully exploit the security strengths of their mainframes to act as both an enterprise data hub and an enterprise security hub for the consolidated workloads that run on the newest System z platforms.
For more information, you can visit us online here.
Today’s post is brought to you by Veronica Shelley, Product Marketing
Manager, IBM Security Solutions.
A typical user can have multiple log-in and password
combinations, often with different requirements and update intervals. With so
many log-ins to keep track of, users either forget or resort to unsafe
practices (i.e. writing them down) to help remember their passwords. Yet, there
are times when youruser community
simply can’t remember their log-in information. How many calls to the Help
Desk, how many hours of lost user productivity, can be attributed to workers
who can’t log into a particular application or database because they forgot
their password? Precious time is wasted finding, remembering, and resetting
passwords, so this can become a major productivity issue for organizations of
As the number of enterprise applications and access points
continue to increase IBM Tivoli Access Manager for Enterprise Singe Sign-On
(TAM ESSO) delivers a balance between easy access and strong security. This
industry leading access management solution supports a wide variety of
authentication factors (including smart cards, badges, tokens, and biometrics),
meeting the needs of different user groups and industries. TAM ESSO provides single sign-on capabilities,
meaning users have to remember just one password to automatically log into all
their applications and data sources. No more time consuming and expensive help
desk calls, no more frustrated users, no more lost hours of productivity. Users
benefit from fast access to all of their applications, while organizations benefit
from the increase in productivity, security and compliance with security
A few years ago, I worked on organizing an analyst summit for IBM where we announced the (then new) IBM Security Framework.*
Cut to today and the IBM Security Framework is still at the foundation of Smarter security solutions from IBM.
The IBM Security Framework. Visibility, Control and Automation.™
when we talk to customers about how to address their business pains, the fundamentals remain the same even though the technology continues to advance in new directions.
With Cloud and Virtualization in particular, the technology is certainly changing at a pretty fast clip.
Take a look at the fourth video in our series, "Cloud Enabling Your Data Center: Security and the Cloud" where Joe Anthony, IBM Director, Security, Risk & Compliance Product Management, talks about the IBM Security Framework and how it addresses the Cloud and business pains our customers are trying ot address.
The message and the focus of security and the Cloud is still very much rooted in the IBM Security Framework.
As a reminder, the entire video series can be seen using the YouTube Playlist (Get Cloud Ready).
* To be clear, I had nothing to do with building the IBM Security Framework. I was just the project manager for the event. Like Jarvis in the Avengers. (as a side note: one thing I learned about event planning - coffee, coffee, coffee!)
We are increasingly living our lives in online spaces, and as a result, the monetary value of those spaces seems to be rising every day. Billions and billions of dollars are spent every single year on online advertising. One of the challenges is not only making sure that your money is well spent, but also that your spend won't have a negative impact on your brand. If you're wondering how that could happen, think about this: it's estimated that about 10% of all online ads wind up in places they shouldn't be.
I actually had the pleasure of having lunch with Ian Lightstone (CFO ArtsandTV) a few months back while we were originally filming this video. It was my first exposure to the project and I have to say, it's pretty fascinating what they're working on. As someone who spends all their time talking about vulnerabilities and attack types and all the other pieces of the security conversation, advertising wasn't something that came up a lot. SEO attacks are probably the closest I'd ever gotten to thinking about advertising in the context of security. So how does security intersect with advertising?
ArtsandTV is a relatively small company that needed a lot of data. Data is something that IBM has. Specifically, we have one of the largest URL filtering databases in the world (Security Content Analysis SDK). This product is something typically used to enhance existing security offerings, but it is being used a bit differently here. The Project Sunblock team wanted to improve the way advertisers spend their money.
As you can probably imagine, there are a lot of inappropriate websites on the internet, places where you wouldn't want your brand to appear. In addition to the obvious places you want to avoid, there are other places that are more subtle. Imagine you are a bank, and you advertise a lot on some popular news site. One day, that site runs a story about the financial crisis and is extremely critical of the banking system. Despite the fact that you might frequently advertise on this site, you likely do not want your brand associated with that story.
So, ArtsandTV had the algorithms and IBM had the data. The combination of the two became Project Sunblock, an ad spend optimization and brand protection tool. Project Sunblock can help to keep your brand from appearing on inappropriate pages through the use of content and image analysis combined with a real-time decision making engine. This applies to both generally inappropriate sites, as well as the instances of specific articles and stories that you don't want your brand associated with.
One last thing to remember is that 10% figure I cited at the beginning this post. Not only is this solution protecting the image of a brand, it is also a way to get a better return on your investments. That 10% can be better spent elsewhere.
While preventing security breaches is paramount, security administrators are frequently bogged down with tedious, time-consuming, complex day-to-day tasks that divert their attention from security issues.These time-consuming tasks can be reduced by improving security administration processes and automating audit documentation, allowing administrators to focus on innovative extensions to their business applications in order to maximize investments.
Join us for this webcast on July 14th to learn about the new capabilities in Security zSecure suite, Security Key Lifecycle Manager, Tivoli Federated Identity Manager, Tivoli Security Information and Event Manager, and other security products that enhance cloud security on the mainframe.
In this session, you’ll learn how Tivoli Security Management for zEnterprise can help:
·Reduce the cost of administrating security on the mainframe by reducing complexity and using fewer staff resources
·Automate security policy enforcement to implement best practices and compliance requirements
·Analyze data to detect and respond rapidly to the large volume of security events and threats both internal and external
·Proactively handle events with automated closed-loop remediation that closes exposures
·Protect sensitive data and simplify the lifecycle management of encryption keys
·Consolidated cloud security management for zEnterprise
Wait!!! you say. What 's this about new product announcements? Well, of course, that's always the big news at a conference, and this installment of RSA was no different. Welcome IBM Network Intrusion Protection System (IPS) GX7800 to the IBM Security Solutions portfolio! Designed to help enterprises meet the challenges of an increasingly sophisticated and rapidly changing threat landscape, this new offering helps organizations protect their data and infrastructure from unauthorized access and attacks, without compromising on the performance and availability of business-critical applications. Read the press release to get the scoop on IBM Network IPS GX7800.
As you can see, RSA 2011 is proving to be a great lead-in to Pulse 2011, coming to Las Vegas February 27-March 2, where IBM Security will be front and center throughout the conference. In other words, the IBM Security Solutions story is to be continued...
Signing off for now, Your friendly roving Integrated Service Management reporter
When I saw Tom Cross give a talk at Innovate 2010 in June, I was first struck with the nonchalance with which he spoke of the black market business of Internet data. I could not have been more intrigued if I were watching a movie adapted from a John Grisham novel. He seemed to have some emotional distance from what creeps most of us out about our mail. And I’m not even talking about email. I mean the good old-fashioned USPS mail. I KNOW I am not the only one who has worn out a few paper shredders thanks to Citibank, Chase, and the like.
The second thing that hijacked my thought train for more than a few moments was how network vulnerabilities are created for the explicit purpose of learning cyber criminal behavior. Like signing up for as much spam as you can. Sure it makes sense to me now. But I am still vaguely uncomfortable talking publicly about threat and attacks. It seems akin to Batman and the Joker building websites to promote their plans to outsmart the other. What was I not getting? By now I was considering slipping quietly out of the room to silence the voice in my head saying I had been foolish, very, very foolish in my confidence as a clever and vigilant consumer of Internet Things.
Realizing that I had some mental catching up to do, I stayed for the lasting impression that could keep me awake at night: just how easy it is to steal digital data. As I struggled with the impartial irony of how enormous yet simple a cat and mouse game Web App security is, visions of Tom and Jerry danced in my boggled brain.