IBM Tivoli - Security Solutions for the Cloud
1. Business Unit Designation or other information
Everyday Security:
Simple Solutions to Complex Security Problems
Sean Bergin
WW Sales Director, Tivoli Security
2. Welcome to the smart planet… and a smarter infrastructure
Globalization and Globally Available Resources
Billions of mobile devices accessing the Web
Access to streams of information in the Real Time
New Forms of Collaboration
Dynamic Infrastructure
Improve Service:
Reduce Cost:
Manage Risk:
IBM Insight Forum 09 Make change work for you
3. Managing risks introduced by new opportunities
Emerging technology
Virtualization and cloud computing increase infrastructure complexity.
Web 2.0 and SOA style composite applications introduce new challenges with the applications being a vulnerable point for breaches and attack.
Data and information explosion
Data volumes are doubling every 18 months.*
Storage, security, and discovery around information context is becoming increasingly important.
Wireless world
Mobile platforms are developing as new means of identification.
Security technology is many years behind the security used to protect PCs.
Supply chain
The chain is only as strong as the weakest link… partners need to shoulder their fair share of the load for compliance and the responsibility for failure.
Clients expect privacy
An assumption or expectation now exists to integrate security into the infrastructure, processes and applications to maintain privacy.
Compliance fatigue
Organizations are trying to maintain a balance between investing in both the security and compliance postures.
*Source: Pyramid Research, October 2007
4. High-level cloud security concerns
Loss of Control
Many companies and governments are uncomfortable with the idea of their information located on systems they do not control. Providers must offer a high degree of security transparency to help put customers at ease.
Data Security
Migrating workloads to a shared network and compute infrastructure increases the potential for unauthorized exposure. Authentication and access technologies become increasingly important.
Reliability
High availability will be a key concern. IT departments will worry about a loss of service should outages occur. Mission critical applications may not run in the cloud without strong availability guarantees.
Compliance
Complying with SOX, HIPAA and other regulations may prohibit the use of clouds for some applications. Comprehensive auditing capabilities are essential.
Security Management
Providers must supply easy, visual controls to manage firewall and security settings for applications and runtime environments in the cloud.
5. Not all risks are created equal
[Chart: risks plotted by Frequency of Occurrences Per Year (1/100,000, infrequent, to 1,000, frequent) against Consequences (Single Occurrence Loss) in Dollars per Occurrence ($1, low, to $100M, high). Risks shown: Virus, Data Corruption, Data Leakage, Worms, Disk Failure, Application Outage, System Availability Failures, Lack of governance, Network Problem, Failure to meet Industry standards, Failure to meet Compliance Mandates, Terrorism/Civil Unrest, Workplace inaccessibility, Natural Disaster, Regional Power Failures, Pandemic, Building Fire.]
6. How would you rate Security as a business priority?
Select the most appropriate answer
1. Our primary business focus is Control: access to data, applications & environments
2. Our business focus extends to Visibility: monitoring incidents and events
3. Our focus extends to include Compliance: audit and prove performance
4. Security Management is a key business directive and is given extreme focus from both an IT and an overall business perspective
7. Not all risk is created equally, neither are all security solutions…
Find a balance between effective security and cost
The axiom… never spend $100 dollars on a fence to protect a $10 horse
Studies show the Pareto Principle (the 80-20 rule) applies to IT security*
87% of breaches were considered avoidable through reasonable controls
Small set of security controls provide a disproportionately high amount of coverage
Critical controls address risk at every layer of the enterprise
Organizations that use security controls have significantly higher performance*
[Diagram labels: Pressure, Cost, Complexity, Effectiveness, Agility, Time]
*Sources: W.H. Baker, C.D. Hylender, J.A. Valentine, 2008 Data Breach Investigations Report, Verizon Business, June 2008; ITPI: IT Process Institute, EMA December 2008
8. IBM provides the business answers you need in uncertain times with solutions for all IT domains
Improving service, managing risk and reducing cost of
Security without compromise
9. How would you rate Security as an IT priority?
Select the most appropriate answer
1. Our Security focus is primarily on Identity & Access Management
2. Our Security focus extends into Application Security
3. Our Security focus extends into securing information without
negatively impacting service quality
4. We have an extensive Security program incorporated into our IT
and business governance
10. IBM: The only security vendor in the market with end-to-end coverage of the security foundation
Critical Security Processes
IBM Solutions
Manage Identities, Access and Entitlement: Process for assuring access to enterprise resources has been given to the right people, at the right time, for the right purpose
Protect Data and Information: Capability that allows for granular protection of unstructured & structured data, data leak prevention and acceptable use policy monitoring
Implement GRC Information and Event Management: Log management capabilities designed to automate the process of auditing, monitoring and reporting on security and compliance posture across the enterprise
Address Threats and Vulnerabilities: Process and capabilities designed to protect enterprise infrastructure from new and emerging threats
Assure Software and System Integrity: Process for assuring efficiency and integrity of the software development & release lifecycle.
Manage Assets: Process for maintaining visibility and control over service and operational assets, and their impact on the business
Manage Change and Configuration: Process for assuring routine, emergency and out-of-band changes are made efficiently, and in such a manner as to prevent operational outages
Manage Problems and Incidents: Managed security operations center (SOC) or in-house Service Desk solutions designed to assure incidents are escalated and addressed in a timely manner. Forensics teams ready to respond to an emergency
11. New Tivoli Security Solutions solve real customer challenges
Identity and Access Assurance: Provide efficient and compliant access for right people to right resources at right time
Data and Application Security: Protect integrity and confidentiality of business data and transactions from browser to disk
Security Management for z/OS: Secure and audit critical business services with your most trusted and resilient platform
Leading Energy Utility
12. Risk & Compliance Management
“How can I improve my security and compliance risk posture? How do I prepare for security audits without a significant effort and also address any findings or deficiencies?”
Issues
Increasing number of industry and regulatory requirements
Reputational and financial risks of non-compliance
Cost of preparing for audits and assessments
Difficulty determining and documenting effectiveness of controls
Internal policy violations
Audit findings
Select IBM Security Offerings
Audit Readiness Workshops and Assessments: Security Health check, Security Workshop, Security Risk Assessment, Compliance Assessments
Controls Effectiveness Assessments: Penetration Testing, Regulation-specific Assessments
Controls and Governance Services: IBM ISS Governance Services for compliance and regulatory services, Information Security Framework
Compliance Management and Reporting: Tivoli Compliance Insight Manager, Tivoli zSecure Audit, IBM Compliance Warehouse, IBM Records Manager
Values
Demonstrable policy enforcement aligned to regulations, standards, laws, agreements
Decreases reputational risk and penalties and fines for non-compliance
Enables cost effective audit and assessment preparation by automating reporting and documentation efforts
Provides visibility into controls effectiveness and policy violations, reducing risk of internal and external threats
Improves security posture to reduce audit findings
13. Which best describes your current Identity & Access Management capability?
Select the most appropriate answer
1. Users sign on to individual applications, minimal infrastructure exists for security monitoring and auditing.
2. Multiple user registries and access control policies are defined in multiple places.
3. A consistent practice and a consistent infrastructure for access control are implemented. Provisioning of account information is policy-based and consistently applied.
4. Identity and access management are tied to the employee life cycle in the organization. Automated policy-based administration of users' accounts streamlines administration across the organization.
14. PEOPLE AND IDENTITY
Manage Identities and Access
“How can my business benefit from management of digital identity?”
Issues
Understanding the identity risk gap
Cost of administering users and identities in-house
Privileged user activity unmonitored
Dormant IDs or shared identities being used to inappropriately access resources
Failing an audit
Select IBM Security Offerings
Identity Lifecycle Management: Tivoli Identity and Access Management solution, Tivoli Security Management for z/OS solution
High-Assurance Digital Identities: Trusted Identity Initiative
Identity Audit: Tivoli Compliance Insight Manager, Tivoli zSecure Audit
Identity Services: Identity & Access Design and Implementation Services, ISS Managed Identity Services, Identity Risk and Investigation Solution (IRIS) and other GBS Security services
Values
Reduces the cost, increases efficiency and enables audit-ability of managing flow of users entering, using, and leaving the organization
Decreases risk of internal fraud, data leak, or operational outage
Supports globalization of operations
Enables shift from traditional brick & mortar sales to delivery of on-line services to customers and partners across the globe
Improves end-user experience with Web-based business applications by enabling activities such as single sign-on
15. DATA AND INFORMATION
Protect Data and Information
“How can I reduce the cost and pain associated with tracking and controlling who touched what data when? How do I assure that my data is available to the business, today and tomorrow?”
Issues
Data stored on removable media that can be lost/stolen
Data stored in the clear is easily accessible
Inconsistent data policies
Unstructured and/or unencrypted data
Legal, regulatory and ethical exposure for the organization
Costs of data breaches, notification, brand value
Failing an audit
Select IBM Security Offerings
Data Loss Prevention: ISS Data Security and Data Loss Prevention solution
Protecting Data at Rest or In Transit: Tivoli Application and Data Security solution, WebSphere MQ Extended Security Edition, WebSphere DataPower Appliances
SIEM: Tivoli Compliance Insight Manager, ISS SiteProtector
Data Encryption: Tivoli Key Lifecycle Manager, encrypted tape and disk drives
Data Classification: InfoSphere Information Analyzer, Cognos, Enterprise Content Management, Discovery and Classification, IBM Records Manager
Unstructured Data Security: Tivoli Access Manager
Data Confidentiality: Optim Data Privacy solution, Lotus Protector for Mail Security
Security Services: ISS Professional and Managed Security Services, Security Event and Log Management Services
Values
Reduces the cost, increases ability to meet audit and compliance mandates
Provides a cost-effective way to meet legal discovery, hold and retention requirements
Assures data is available to the right people, at the right time
Assures data is not deliberately or inadvertently taken, leaked, or damaged
Decreases number and complexity of controls integrated within the enterprise
16. APPLICATION AND PROCESS
Secure Web Applications
“How can my business benefit from management of application security?”
Issues
Web applications #1 target of hackers seeking to exploit vulnerabilities
Increasing number of attacks via XML scripting and virus insertion
Applications are deployed with vulnerabilities
Poor security configs expose clients to business loss
PCI regulatory requirements mandate application security
80% of development costs spent on identifying and fixing defects
Real and/or private data exposed to anyone with access to development and test environments, including contractors and outsourcers
Select IBM Security Offerings
Application Security: Rational AppScan, Rational AppScan Malware Scanning, IBM Web Application Module WebSphere DataPower Appliances
Application Controls: Tivoli Access Manager
Messaging Security: Lotus Domino Messaging, WebSphere MQ File Transfer Edition, IBM ISS Mail Security solutions
Security for SOA: WebSphere DataPower, Tivoli Security Policy Manager, Tivoli Federated Identity Manager, WebSphere Services Registry & Repository
Application Security Services: ISS Application Security Risk Assessment Services, ISS Managed Security Services
Values
Reduce risk of outage, defacement or data theft associated with web applications
Assess and monitor enterprise-wide security policy compliance
Improve compliance with industry standards and regulatory requirements (e.g., PCI, GLBA, HIPAA, FISMA…)
Improve ability to integrate business critical applications securely
Automated testing and governance throughout the development lifecycle, reducing long-term security costs
17. NETWORK, SERVER AND END POINT
Manage Infrastructure Security
“How does my business benefit from infrastructure security protection?”
Issues
Mass commercialization and automation of threats
Parasitic, stealthier, more damaging attacks
Poor understanding of risks in new technologies and applications, including virtualization and cloud
Weak application controls
Lack of skills to monitor and manage security inputs
Compounding cost of managing an ever increasing array of security technologies
Undetected breaches due to privilege access misuse and downtime from incidents
Inability to establish forensic evidence or demonstrate compliance
Select IBM Security Offerings
Threat Mitigation: ISS Network Intrusion Prevention, WebSphere DataPower Appliances, ISS Server Intrusion Detection and Prevention products powered by X-Force®, ISS Endpoint Security Control, Network Mail Security, Vulnerability Management and Scanning
SIEM: Tivoli Compliance Insight Manager
Security Governance: Regulatory assessments and remediation solutions, Security architecture and policy development
Incident Response: Incident Management and Emergency Response services
Virtualization: Proventia Virtualized Network Security
Security Services: Security Intelligence and Advisory Services, Managed Intrusion Prevention and Detection, Managed firewall services, Security Event and Log Management Services
[Diagram labels: Systems Storage, Virtual Network]
Values
Reduces cost of ongoing management of security operations
Improves operational availability and assures performance against SLA, backed by industry’s only guaranteed SLA for managed protection services
Increases productivity by decreasing risk of virus, worm and malcode infestation
Decreases volume of incoming spam
Drill down on specific violations to quickly address resolution
Readily show status against major regulations
18. IBM professional security services
Proven integrated lifecycle methodology that delivers ongoing security solutions
Phase 1: Assessment
Threat Mitigation
Governance Risk and Compliance
Data Security
Identity & Access
Physical Security
Application Security
Phase 2: Design
Policy Development
Incident Response Planning
Standards and Procedures Development
Phase 3: Deployment
Implementation Planning
Implementation and Optimization
Migration Services
Phase 4: Management and Support
Staff Augmentation
Emergency Response Service
Phase 5: Education
IBM ISS Product Courses – On-site & off-site classes
19. Analysts Recognize IBM Security Leadership
Gartner Leadership
Security Information & Event Management Magic Quadrant (May 2009)
Web Access Management Magic Quadrant (November 2008)
User Provisioning Magic Quadrant (August 2008)
Master Data Management for Customer Data Magic Quadrant (July 2008)
Managed & Professional Network Service Providers, North America Magic Quadrant (May 2008)
Business Intelligence and Performance Management Services, North America Magic Quadrant (May 2008)
Managed Security Service Providers, APAC Marketscope – Strong Positive (May 2008)
Managed Security Service Providers, Europe Marketscope – Strong Positive (May 2008)
FilesX – Cool Vendors in Data Protection (March 2008)
Network Intrusion Prevention System Appliances Magic Quadrant (February 2008)
Managed Security Services Providers, North America Magic Quadrant (August 2007)
Forrester Leadership
Managed Security Services Wave (October 2007)
Risk Consulting Services Wave (June 2007)
IDC Market Share Leadership
#1 Identity & Access Management (2008)
#1 Identity Management Provider (2007)
#1 Security & Vulnerability Management Software Worldwide (2007)
#1 Vulnerability Assessment Software Worldwide (2007)
#1 Application Vulnerability Assessment Software Worldwide (2007)
Frost & Sullivan Leadership
Managed Security Services (2008, 2009)
North American Network Security Infrastructure Protection Company of the Year (2008, 2009)
North American Video Surveillance Software Developer Company of the Year (2008, 2009)
#1 Vulnerability Assessment Provider (2006, 2007, 2008)
IDS/IPS Market Leader (2007)
Global Application Security Product Line Strategy Award (2008)
20. Tivoli is established leader in IAM and SIEM markets
#1 Identity and Access Management Market Share (IDC) – past 3 years
#1 SIEM Market Share (Gartner)
Over 2,700 customers worldwide
21. IBM: Comprehensive Security Risk & Compliance Management
The only security vendor in the market with end-to-end coverage of the security foundation
15,000 researchers, developers and SMEs on security initiatives
3,000+ security & risk management patents
200+ security customer references and 50+
published case studies
40+ years of proven success securing the
mainframe environment