Security Services and Solutions. Full security, from planning through implementation to operation.

Transcription

1 Security Services and Solutions. Full security, from planning through implementation to operation.

2 Security Services and Solutions. Seamless end-to-end service provision. T-Systems supports its customers at each stage of complex realization from the planning (design) to the development, implementation, and integration of the customer solution (build), through to the operation (run). T-Systems generates end-to-end added value along the entire value chain. Process optimization, cost reduction, and improved financial performance embody the valuable benefits to our customers. Security is an integral component of all T-Systems solutions. We classify our dedicated Security Services into three subject areas: Our goal: to put the advantage in your hands. T-Systems offers: Comprehensive services in the area of ICT security, and full consideration of your organization, processes, and technologies at all levels. Services along the entire value chain. These include consulting, development/integration, products, and operations. Mutually compatible services and solutions tie seamlessly to your security requirements. Identity and Access Management (IAM) Enterprise Security Management, and Seamless ICT Infrastructure Security In each one of these areas, T-Systems offers a broad spectrum of services along the entire value chain. These include security consulting, engineering, integration, products, and solutions, as well as operations and/or management and maintenance.

3 2 3 Consulting Services (plan) Development/ Integration (build) Products/ Solutions (supply) Operation/ Management (run) Maintenance & Support (run) Identity and Access Management Business processes Applications Systems Networks Enterprise Security Management Seamless ICT Infrastructure Security

4 Identity and Access Management (IAM). User identities and secure access (to data, applications, and other resources) both play key roles in the structuring of electronic business processes within your company, and in complex value chains. The toughest and most important challenge is managing the digital identities over their entire life cycle, from creation, modification, and use until deletion. These identities, and all their attributes, form the basis for authentication and authorization, and hence the basis of effective data protection. Corporate restructuring and mergers add to the pressure for standardization of IT, and ultimately for reliable, comprehensive IAM. Above and beyond this, there must be compliance with regulatory mandates. Gain agility through IAM. T-Systems realizes complex Public Key Infrastructures (PKI). We design and implement solutions and components for the issuance, modification, distribution, and deletion of digital identities, as well as rights and attributes (provisioning) within heterogeneous IT landscapes and beyond corporate limits. Our portfolio of services also includes powerful authentification and encryption capacities, through to solutions for (enterprise) single sign-on and federation. As a renowned outsourcing service provider, T-Systems operates dedicated IAM components, such as directories, and complete solutions. We provide authentication as a service, including Onetime Password (OTP) tokens. T-Systems operates a government-licensed Trust Center, issues digital IDs and certificates, and provides directory services, and services like OCSP. We also offer mass signature and time-stamp services as an ASP. This means our customers, in turn, can focus on their core business activities. Make it secure by design. In many cases, innovative and industry-specific solutions cannot be realized solely by integrating off-the-shelf products and components. T-Systems therefore designs and specifies new systems, and develops custom software and system solutions in all industries. Our experts realize special security functions, key management solutions, and complete applications. Focal points are payment, ticketing, telematics, and billing, such as in electronic road pricing and other largely smart card-based systems. Since T-Systems possesses its own multifunctional Chip Card Operation System (TCOS), we are able to develop unique applications, such as the electronics in passports. We deliver and integrate smart cards.

5 4 5 Enterprise Security Management. Modern corporations view security as an integral part of their operational risk management. The implementation of defined policies and standards must be anchored in corporate processes and organization. Technical measures are developed and implemented as they are gradually refined. The constant review and assessment of risk, and identification of vulnerabilities, form the basis for the cost-effective design of security measures. Ultimately, companies require solutions enabling them to monitor and maintain the array of dedicated security solutions from a central location. Expert advice with excellence. T-Systems offers comprehensive consulting services on all issues pertaining to information security from the business process level, to security policies and security concepts, all the way to implementation. We test the established security level (ethical hacking), conduct threat and risk analyses, design architectures and solutions, and prepare a detailed description of measures/actions. We implement an Information Security Management System (e.g. according to ISO 27001). Our integrated approach incorporates technology and organization. We offer various services with respect to the identification and analysis of security incidents, monitoring, and notification. This ensures that a high level of security is maintained on a consistent basis, such as with our CERT Information Service, which delivers daily information about security vulnerabilities in products. Master security solutions. The more complex the applications, systems, and networks, the greater the number and diversity of security solutions. T-Systems advises clients on how to reduce complexities, and streamline architectures. We integrate solutions that track and integrate security information such as configurations and known vulnerabilities as well as security events from a variety of sources. These solutions also support the examination and evaluation of this information, and allow for the elimination of vulnerabilities through system updates. T-Systems designs and realizes individual customer solutions in the areas of secure communications, access control to networks, systems, and applications, as well as the integration of security measures in electronic workflows and document management. Assurance required. Product security is likewise integral to a comprehensive approach. We assess the established level of product and system security, and can thereby assist in closing existing gaps. We are internationally renowned as the leading specialist in the assessment of security measures for hardware and software. T-Systems is accredited by the Federal Office for Information Security (BSI), and the Zentraler Kreditausschuss (central banking committee, ZKA) in Germany, VISA International, MasterCard International, the Initiative Payment Card Industry (PCI), and numerous other organizations throughout the world.

6 Seamless ICT Infrastructure Security. Companies must protect their ICT infrastructure, detect attacks on systems and networks, and secure data and data flows. Ever-increasing mobility is not the only reason why solutions are needed for secure connections to corporate networks and applications, and secure data transmission. Solutions are required which protect ICT systems, inspect and filter documents and data streams, and which may even control information flow from within the company. The challenge is to select mutually compatible, precisely tailored security solutions based on the latest technology, and to acquire, integrate, and operate these costeffectively. Solutions at hand. T-Systems offers VPN and firewall solutions, antivirus, anti-spam, and other filtering solutions, intrusion detection, and prevention solutions along with solution components for mobility and secure communications. In doing so, we utilize hardware and software from reputable manufacturers, but also offer proprietary solutions. We provide consulting on secure design of the IT landscape and critical ICT infrastructures. Security end-to-end. As one of the largest outsourcing service providers, we undertake complete operation of your security systems, or perform the necessary tasks for the administration and maintenance of your in-house systems (Security Management Center, Remote Management, and Out-Tasking). Our Managed Security Services also encompass Device Security Management.

7 Take advantage of our unparalleled expertise. 6 7 Security problems may arise, but they will not disappear on their own. Security must be planned, implemented, and maintained. Without a clear strategy, companies and public services cannot attain an adequate level of security. And most often, it will not work properly without the support of an external service provider. Would you like more information, or a more detailed consultation? Please contact your contact partner directly, or use the contact options listed here. We look forward to meeting you! In Germany, T-Systems is at the forefront of IT/TC security service provision (or simply, ICT Security ). For more than 20 years, we have supported public authorities and corporations from every industry and sector. Our customers benefit from the experience gained in many projects, and can rely on the quality and the objectivity of the advice and assessments given.

8 Published by T-Systems Enterprise Services GmbH Corporate Marketing Mainzer Landstraße Frankfurt am Main Germany ICT security L1-1 Valid as of 1/2009 Subject to changes and errors Sv Contact T-Systems Enterprise Services GmbH Corporate Customers, ICT Security Rabinstraße Bonn Germany info.ict-security@t-systems.com Internet: