1 / 20

IBM Tivoli Security for Cloud Solutions in 2010

IBM Tivoli Security for Cloud Solutions in 2010. Chip Crane Solutions Architect Security Specialist IBM Software Group wcrane@us.ibm.com. Today: Cloud is seen as Risky. Many Forms of data… Structured Unstructured Images Video, Voice. Protecting Data At rest

Download Presentation

IBM Tivoli Security for Cloud Solutions in 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IBM Tivoli Security for Cloud Solutions in 2010 Chip Crane Solutions Architect Security Specialist IBM Software Group wcrane@us.ibm.com

  2. Today: Cloud is seen as Risky Many Forms of data… • Structured Unstructured • Images • Video, Voice • Protecting Data • At rest • In motionthroughout transaction Cloud Stored in different ways on many devices… • Cell phones • Laptops • PDAs,iPods • Briefcases With Many Forms of Travel… • Digital • Voice/audio • Cut and paste, IM • Paper, Fax Coffee Shop Hotels Home Business Partners Supply Chain

  3. Evolving Threats: more sophisticated, motivated attackers • Expanding e-crime • Big business driven by profit • Innovation to capture new markets (victims) • Victim segmentation and focus • Stealth is the new “black” • Rate of attacks is accelerating • Attacks more malicious • “Designer” attacks

  4. Balancing agility, cost, and effectiveness Cost Effectiveness Agility Cost of Security and Compliance Controls Effectiveness of controls Operating Agility # controls

  5. Network, Server, & Endpoint Data & Information People & Identity Physical Infrastructure Application & Process Security Governance The unparalleled needs across domains People and Identity Data and Information Application and Process Each domain has a distinct security lifecycle. IBM uniquely secures assets across their lifecycle in all IT domains that impact business processes. Network, Server, and End-point Physical Infrastructure End to End Business Process & Dependencies Secure Development Tools Security Method Enforcement Web Application Scanning Application Firewall SOA & XML Security Digital Video Surveillance Smart Surveillance Solns. RFID solutions Enterprise Asset Mgt. Physical Security Identity & Access Mgt Federated Identity Mgt. Trusted Identity Identity Provisioning Identity Proofing Database/Content Mgt Content Monitoring Data Governance Data Encryption Solns. Storage Management Intrusion Detection Vulnerability Mgt. Event Correlation Change & Config. Mgt Security Compliance Scan

  6. IBM Security Framework IBM Security Solution Areas

  7. Cloud Computing & Application Security - SOA Tivoli Access Manager Goals • In an SOA environment, provide secure access and federate identity across these services • Externalize core security services from the application • Ensure security administrators make changes NOT developers. • Ensure changes to security are auditable IBM solutions • Tivoli Federated Identity Manager • Tivoli Identity Manager • Tivoli Access Manager eBusiness & ESSO • WebSphere Enterprise Service Bus ( ESB) • WebSphere Message Broker • WebSphere DataPower

  8. Security Compliance Aligning IT security to business priorities Our Value • Quickly prove that only the right people are getting access to your sensitive business data • Effectively collect and report on all of the audit-relevant events, alerts and logs generated in your infrastructure every day • Validate that all systems, including System z, are securely configured • Tivoli Solutions • Tivoli Security Information & Event Management (TSIEM) • Tivoli Compliance Insight Manager (TCIM) • Tivoli zSecure Suite • Tivoli Security Compliance Mgr Cross-Brand Solutions • IM DB2 Audit Management Expert (AME) and Entity Analytics

  9. Identity & Access ManagementManage users, identities, access rights, enforce & monitor user activity on all IT systems Our Value • Provisioning: Quickly setup and/or recertify user account access across all platforms, including System z • Quickly locate and manage invalid user accounts • Productivity: Increase user productivity through convenient yet secure single sign-on support • Access and Audit: Control access to applications consistently, across enterprise, web, and SOA-based applications. • Tivoli Solutions • Tivoli Identity Manager v5 • including key partnerships • Tivoli Access Manager family • Tivoli Federated Identity Mgr • Tivoli zSecure Suite

  10. Our Value Consistently control access to both structured and unstructured data across all environments, including System z Data & Information Security Data Security Protecting a critical enterprise asset Tivoli Access Manager (with FileNet), Tivoli zSecure DLP (Partnership), Records Crawler, IBM Classification Module Encryption, Key Lifecycle Management Cross-Brand Solutions • IBM FileNet • ISS partnerships for Data Leakage Protection • IM DB2 AME and Entity Analytics Tivoli Solutions • Tivoli Access Manager • Tivoli zSecure Suite • Tivoli Key Lifecycle Manager (2008)

  11. Application SecuritySecurity policy management for an application from creation through production. The Value • Consistently and auditably control access to all of my applications – enterprise, web, and SOA-based • Shield developers from changes to security policy (authentication, etc.) • Protect against the most common application-level vulnerabilities Cross-Brand Solutions SOA: WebSphere (ESB, WSRR, WAS, Portal Server, WPS Enterprise: Rational AppScan and WebXM Tivoli Solutions • Federated ESB (‘identity-aware’) • Tivoli Federated Identity Manager • Application Vulnerabilities • Tivoli Access Manager

  12. Security Information & Event Management Infrastructure Security ManagementComprehensive threat and vulnerability management across networks, servers and end-points The Value • Detect and manage network, host and endpoint threats and intrusions • Centrally manage and monitor security operations Hosted environment Local area network (LAN) Perimeter Web server Mail server Cross-Brand Solutions • ISS SiteProtector and partnerships for Data Leakage Protection Tivoli Solutions • Tivoli Security Information & Event Management • Tivoli Compliance Insight Manager • Tivoli Security Compliance Mgr

  13. Present IAM for Most Companies

  14. Future IAM For Your Customers

  15. Users wait up to 3 weeks for activated accounts ProvisioningNew Users 30-60% of existing accounts are invalid De-Provisioning Users Current Business Process Inefficiencies Help Desk costs $20 per call for password resets, up to 50% of calls related to password resets Managing Users Up to 30% of development time is for controlling access to applications and data Deploying New Initiatives 100+ user data sources at typical firm provide out-of-sync, untrustworthy, identity data Reconciling User Data Many new privacy and regulatory requirements around the world Protecting Trust Fixing these allows you to: Improve Security, Lower Costs, and Increase Revenues

  16. Tivoli IAM Business Benefits Tivoli Access Manager ESSO: • Simplifies the end user experience and improves time-to-information by eliminating the need to remember multiple user names and passwords • Facilitates compliance by tracking and collating user access • Enhances security by eliminating poor end user password behavior and seamlessly integrating strong authentication form factors • Reduces Help Desk costs by lowering the number of password reset calls

  17. Tomorrow: Cloud is seen as Safe Today: Cloud is seen as Risky Many Forms of data… • Structured Unstructured • Images • Video, Voice • Protecting Data • At rest • In motionthroughout transaction Cloud Stored in different ways on many devices… • Cell phones • Laptops • PDAs,iPods • Briefcases With Many Forms of Travel… • Digital • Voice/audio • Cut and paste, IM • Paper, Fax Coffee Shop Hotels Home Business Partners Supply Chain

  18. Questions? z z z z z z z

More Related