What's hot in the security market
| Overview |
|
Our clients are grappling with a variety of security issues. Among them are identity management, application security, wireless security and privacy. Learn more about these issues and what we offer to help you address them.
| Identity Management |
|
Why is it hot?
In recent years identity management has become increasingly important, especially in the financial services, healthcare and government industries. Why identity management has emerged as a growing business and IT priority is no mystery. Obvious drivers include the need to protect one’s intellectual property, data brand value and customer loyalty from the potential damage wrought by electronically-based fraud and theft; the desire to cut technical support costs, increase productivity through self-service and enable integration across disparate platforms. Less obvious reasons, but equally important, include the challenges presented by changing environments, such as mergers, outsourcing, federated systems and global infrastructures, as well as industry and government regulations such as HIPAA, Sarbanes-Oxley and Gramm-Leach-Bliley acts.
IBM’s response
IBM offers businesses and government agencies cost effective, integrated solutions that can help to protect your data, computer systems and facilities from unauthorized users, while potentially delivering significant cost savings and helping to enable better integration and compliance.
Typically, identification management tools are ad hoc, disparate and only interact with Web applications and operating systems. IBM's services, however, extend well beyond the usual piecemeal approach by integrating identity (ID) management across the entire enterprise, incorporating users, machines, applications and business processes, as well as "physical" identities that can include biometrics, smart cards and badge readers.
Why IBM?
IBM’s Identity Management services suite is designed to enable a seamless, integrated identity management system that helps reduce the technical costs of supporting multiple systems and identities across your organization, while providing secure access to the right people and ensuring regulatory compliance. Unlike other providers who primarily offer a patchwork of unintegrated point products, the suite is a complete family of services. It covers assessment, architecture and selection of technologies, while covering the entire user lifecycle, from the initial establishment of an identity through its retirement.
Our proven approach integrates best of breed security technologies to bring the desired level of integration to your organization. We can help you facilitate sound identity management and access management functions across your organization, extending beyond your company to customers, partners and suppliers as well. All while working to lower the cost of identity management by reducing the number of different systems, standardizing technology used and outsourcing non-core functions.
Learn more
Identity Management Services is a comprehensive portfolio of capabilities that covers virtually every aspect of identity management — from identity proofing to user provisioning to access control.
Using ID management to make collaboration work discusses how ID management can help you build trust with vendors, suppliers and customers without compromising IT security.
| Application Security |
|
Why is it hot?
Today many criminals work from the comfort of their own homes, hacking into major computer networks and leaving no trace. They can steal your customers’ financial identities, invade your clients’ records and purchasing histories, penetrate your corporate assets and wreak havoc on your entire network infrastructure. Public and private sector organizations around the world are high risk targets for attack and penetration of their IT systems.
These attacks can have a significant financial impact on an organization. Hackers target areas of weakness in the application, middle tier (database) and the infrastructure layers of your IT systems. Gartner has stated that 75% of all attacks on web sites and web applications target the application level and not the infrastructure. The need for application security services is being driven by several factors, including the introduction of Services-Oriented Architecture (SOA), pervasive computing devices, wireless devices, smart cards (EMV) and biometrics.
IBM’s response
Executives are under increasing pressure to ensure that their enterprises are mitigating the risks and making them safe and security-rich. In response, In response, IBM Global Services provides an unmatched range of services, technology and expertise to help you align available security solutions to your areas of risk and then implement those solutions. IBM’s Application Security Services and solutions can help you to develop consistent and sustainable application development processes that include maintaining security as a requirement; test for vulnerabilities and validate your business controls; anticipate and mitigate your security risks; and educate and train your employees on application security.
Why IBM?
Before you launch that new application that allows your customers to access their personal information over the Internet, wouldn’t you like to feel confident that it won’t put you or them at preventable risk of data theft or other security-related problems? This is just one application security-related scenario that IBM can help you prepare for.
The focus at IBM has for many years been one that covers the breadth and depth of the discipline of engineering security into software. IBM, through its numerous product development arms and research laboratories around the globe, has produced some of the most advanced methods, tools and products that cover a broad range of application security aspects. These range from code analysis, testing tools and sophisticated risk management
systems to process engineering, systems and software architecture and security consulting methods delivered by IBM Global Services.
Learn more
An Application security assessment can help you evaluate if your applications and infrastructure meet your security requirements.
Application Security - An Essential Part of your Risk Management Program
Engineering e-Business Applications for Security
| Wireless Security |
|
Why is it hot?
Wireless connectivity provides your employees, clients and suppliers with improved access to your organization. With wireless access, employees can remain “connected” when traveling and your clients and suppliers can more easily interact with your enterprise.
Yet the tradeoff for improved access and greater flexibility provided by wireless is new headaches for your IT department. That’s because having a wireless network increases the potential for unauthorized access to your enterprise data, often resulting in fraud, theft or other mischief. Moreover, since new wireless standards like WiFi, WiMax & 3G continue to evolve, keeping up with those standards remains a moving target.
IBM’s response
IBM’s services are designed to help our clients to identify their regulatory or business deficiencies at the operational level and to build practical, business-prioritized plans to address those deficiencies. We can help you set up and maintain a secure wireless network, one that can keep up with ever-changing standards and take greater advantage of the new opportunities they present.
| Privacy |
|
Why is it hot?
The recent spate of mishaps and malicious incidents involving personal information is raising public concern over identity theft to new heights and spurring a new round of tougher, more specific, privacy legislation. These high-profile cases demonstrate how much harder it is to keep incidents involving personal information out of the press. The ensuing bad publicity can be devastating, and sometimes fatal, to organizations whose businesses rely on public and consumer trust.
Organizations are realizing that having security and privacy policies is not enough – the new business requirement is having good security and privacy practices operational throughout the enterprise.
IBM’s response
IBM is helping our clients make the transition from companies that merely make security and privacy promises to ones that can actually keep them. Our services are designed to help our clients identify their security or privacy deficiencies at the operational level. We can then assist our clients in building practical, business-prioritized plans to address those deficiencies. We also have services to help you build privacy frameworks and architectures that are designed to sustain an optimal privacy approach over the long term.
Why IBM?
IBM's approach goes deeper than a strictly legislation-oriented response. Instead, we focus on the common, fundamental Organization for Economic Co-operation & Development (OECD) privacy principles upon which most privacy legislation around the globe is based. Application of these core principles at the operational level is the best way to effect the necessary paradigm shift, helping you move from being a purely reactive organization to one that naturally "does the right thing" and is well positioned to anticipate and address future changes in legislation and public expectations. Our focus on privacy frameworks and architectures is unique and key to embedding privacy in your organization’s operations in a self-sustaining way.
Learn more
Our one-day Privacy Workshop can help you lay the groundwork for putting sound privacy practices in place.
© Copyright IBM Corporation 2009
 |
| Related reports & papers |
|
|
