4. Elements of an Enterprise Security Hub Encryption Key Management Tape encryption Common Criteria Ratings Support for Standards Audit, Authorization, Authentication, and Access Control RACF ® IDS, Secure Communications Communications Server IBM Tivoli Security Compliance Insight Manager Crypto Express 3 Crypto Cards System z SMF ITDS Scalable Enterprise Directory Network Authentication Service Kerberos V5 Compliant z/OS ® System SSL SSL/TLS suite ICSF Services and Key Storage for Key Material Certificate Authority PKI Services DS8000 ® Disk encryption DKMS DKMS TKLM Venafi Guardium Optim ™ Data Privacy Compliance and Audit Extended Enterprise Platform Infrastructure Venafi Encryption Director Venafi Encryption Director Multilevel Security TS1120 IBM Tivoli ® zSecure Suite DB2 ® Audit Management Expert Tivoli Identity Manager Tivoli Federated Identity Mgr LDAP Enterprise Fraud Solutions
05/03/11 04:24 Shearer SLM.ppt System z Solution Edition for Security: Example: Fraud Forensics, Analysis and Prevention via Intellinx (which exploits the zAAP) In a recent example, a local police department encountered an embarrassing leak when a police officer made unlawful inquiries into the National and State Wants and Warrants database to uncover “dirt” on the VP candidate – Joe Biden, in the hopes of selling the information to the tabloids. The fraud was detected through forensics, and the offending officer was terminated and charged accordingly. In a similar case involving an law enforcement, a State Police employee leaks information on planned arrests in a homicide case investigation to one of the suspects (a friend)
05/03/11 04:24 Shearer SLM.ppt System z Solution Edition for Security: Example: Fraud Forensics, Analysis and Prevention via Intellinx (which exploits the zAAP) In a recent example, a large hospital chain encountered an embarrassing leak when a nurse made unlawful inquiries into the Patient Medical Database and then sold the information about a high-profile celebrity to a Tabloid magazine. In this particular case, the celebrity was Paris Hilton, who successfully sued the Hospital for failing to secure her medical records as required by law (HIPPA). Everyday, high-profile patients are admitted to the hospital or visit their local Doctor’s office. It need not be Paris Hilton for a curious or greedy employee to want to access the medical records. Fraud Forensic tools, as those delivered via the Solution Edition for Security will help identify the offending party and deter future unlawful access. Failure to implement such tools, when they are easily implemented, will constitute “negligence”, which may lead to punitive damages costing millions and millions of dollars
05/03/11 04:24 Shearer SLM.ppt When everyone thinks about mainframe security they only think about RACF. System z Security includes a comprehensive set of products and solutions that provide unmatched security capabilities that span data privacy, compliance and audit, and platform infrastructure – and we extend these capabilities beyond the mainframe and into the enterprise. These are a sample of the products and solutions that provide the enterprise capabilities.
05/03/11 04:24 Shearer SLM.ppt
This chart represents the business components of a large North American Bank
This chart represents the business components of a large North American Bank
05/03/11 04:24 Shearer SLM.ppt
05/03/11 04:24 Shearer SLM.ppt Each of the solution slides focus on the leading customer challenges addressed by this solution, the specific solution capabilities achieved by implementation of the solution, and a list of the recommended solution components. Intellinx zWatch is a vendor product that we can order separately for this solution. At this time it is not a core element o the solution however we can include it separately. We are considering adding this into the solution as a core component in the future.