Featured Speaker
IBM Security Solutions! Glinda Cummings World Wide Tivoli Security Product Manager 2010 IBM Corporation
IBM Security Solutions! How IBM defines Cloud Computing
IBM Security Solutions! 4
IBM Security Solutions! Threats to Cloud Adoption ies isclosures 008 2009 2010 IBM X Force Report 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% Percent of vulnerabilities disclosed in 2010 Percent of 2010 vulnerabilities without patches. Web Application Vulnerabilities by Attack Technique 2004-2010 2004 2005 2006 2007 2008 2009 2010 Cross-Site Scripting SQL Injection Other File Include 2010-2011 Breach Statistics (ITRC) Breaches since Jan 2010 Breaches Total Records Protection In of Lost Sensitive Millions Data Percent of lost data secured by encryption Percent of lost data protected by Password Information Week Analytics Protection of Lost Sensitive Data Lack of interoperability with other productivity or network software. Cost of buying Encryption technology. Lack of management sponsorship or organizational imperative. 5 Figure 58: Web Application Vulnerabilities by Attack Technique 2004-2010
IBM Security Solutions! Perspectives on Cloud Security Theirs Ours 6
IBM Security Solutions! 7
IBM Security Solutions! 8
IBM Security Solutions! IBM s Approach to Securing the Cloud Focus on building Security into the fabric of the cloud Enabling security through services and Interfaces Leveraging innovations to empower security 9
IBM Security Solutions! Clouds can be delivered many ways. Customer Capital Ownership Vendor 10
IBM Security Solutions! Clouds can be delivered and consumed in multiple form factors Vendor Embedded Security Consumer 11
IBM Security Solutions! 12
IBM Security Solutions! Sample Scenario Design Develop Deploy Manage Cloud Security Assessment Tivoli Security Information Event Monitoring Tivoli Service Asset Manager Rational Requisite Pro Tivoli Enterprise Manager Rational Jazz Rational App Scan Rational App Scan Source IBM Datastage IBM Optim IBM Guardium Tivoli Storage Manager for Virtual Environments Tivoli Monitoring WebSphere Purescale IBM Intrusion Prevention Hosted Vulnerability Management for Cloud Hosted SELM for Cloud Tivoli Access Manager Tivoli Identity Manager Rational Build Forge WebSphere Datapower Rational Asset Manager Tivoli Federated Identity Manager IBM Managed Backup Service 13
IBM Security Solutions! Workload Driven Cloud Security Benefits Enhanced Security Better Integration Greater Satisfaction Improved Transparency Enriched Governance Workload Specific Security S Healthcare Retail Finance Education Collaboration Foundational Security Controls Access and Identity Data and Information Release Management Security Event Vulnerability Management Physical Security Problem Management Governance and Compliance Change and Configuration Management 14
IBM Security Solutions! Service Enabled IBM Professional Security Services Security Strategy Roadmap IBM Professional Security Services Security Assessment IBM Professional Security Services Application Security Services for Cloud 15 IBM Managed Security Services Hosted Vulnerability Management IBM Managed Security Services Security Event and Log Management IBM Managed Security Services Managed Backup Cloud
IBM Security Solutions! Security Empowered Security for Social Networking Advanced Security Analytics Security for Mobile Endpoints 16
IBM Security Solutions! IBM Security Portfolio 17
IBM Security Solutions! Simple Application of Security to the Cloud 18
IBM Security Solutions! IBM Cloud Security Guidance 19
IBM Security Solutions! Why IBM IBM is the only company with the Breadth and depth of products, technologies, services and business partners to provide end-to-end security. IBM has over 200 Security related products and over 3500 Highly Skilled Security professionals IBM has over 40 years of security development and innovation experience IBM has six worldwide research labs innovating security technology and nine security operations centers. IBM analyzes more than 13 billion security events on behalf of its clients and block more than 150 million attacks each day. IBM is one of the most trusted companies in the World. 20
IBM Security Solutions! 21
Featured Speaker
The Cloud Identity Security Leader
Ping Identity Mission Enable & Protect Identity Secure the Cloud Defend Privacy 2011 Ping Identity Corporation 24
Megatrends in IT 2011 Ping Identity Corporation 25
What s holding your business back? Customer Satisfaction Do customers or partners login more than once? 75% of online shoppers may leave or not use a site that requires registration USA Today March 23, 2011 Productivity Do employees have five, ten, or twenty separate logins? Do your employees, partners, or customers have tablets or smartphones with applets and multiple passwords? Security Risks How long does it take to remove access to critical private and public cloud applications when an employee or partner leaves? X 2011 Ping Identity Corporation
Why is it so hard to secure the Cloud? ebusiness Enterprise Firewall Existing AAA Portal Directory 2011 Ping Identity Corporation
Secure the Cloud - Best Practices 1 Separate identity from applications centralize IT control of identities and access Do not proliferate passwords Integrate identity at the application layer not the presentation layer to lower maintenance and avoid user involvement 2 Eliminate passwords don t sync, replicate or hide them Adhere to secure and proven industry standards leverage customer and cloud vendor adoption of trusted approaches to Cloud and Mobile SSO 3 Leverage existing identity infrastructure look for supported integrations and standards to avoid fragile, high maintenance identity architecture 4 Adhere to standards leverage secure and proven identity standards to maximize interoperability and scale Avoid multiple purpose-built identity silos design for flexibility and scale with a single identity architecture supporting different use cases 5 Leverage existing identity infrastructure look for supported integrations and standards to avoid costly, fragile or high maintenance architectures Avoid purpose-built identity silos design a single identity architecture that supports all required use cases 2011 Ping Identity Corporation 28
Different ways to secure the Cloud Separate Identity from Applications Eliminate Passwords Adhere to Standards Leverage Existing Identity Infrastructure Avoid Purposebuilt Identity Silo Password Vaulting Identity as a Service Traditional IAM Cloud Identity Management 2011 Ping Identity Corporation
The Cloud Identity Security Leader Enterprise Solutions More than 160 Partners Denver Boston Cloud SSO Customer & Employee IAM Mobile App Support API Security Centralized Access Control 98% of Customers Recommend Ping to others! - TechValidate Survey 2011 More than 600 Customers SaaS Vendors, Cloud Integrators & Resellers Thought Leadership Vancouver London Tens of millions of employees, customers, consumers, and partners use Ping Identity solutions every day! 2011 Ping Identity Corporation 30
Cloud Identity Management 2011 Ping Identity Corporation
How it Works Token Token 2011 Ping Identity Corporation 32
Cloud Identity Management Deploys in hours Elegant, lightweight scalable Standards-based SAML, OpenID & WS Federation OAuth, WS-Trust Strong Auth 30 Turn-Key Integrations Anywhere, anytime, any device 600+ Enterprise and SaaS customers 98% customers willing to recommend Ping 40 of the Fortune 100 130+ Cloud SaaS Highly scalable & performance tested Support for all use cases Passwords and identities never leave your control Users only need one secure password Eliminate the effects of password & policy change Centralize policy and support for all cloud apps Enable Cloud application deprovisioning 2011 Ping Identity Corporation
Secure the Cloud. Free your Business: A Case Study 2011 Ping Identity Corporation 34
Our Customers 600+ enterprises, government agencies and services providers worldwide trust Ping Identity including 40+ of the Fortune 100. Finance Healthcare Consumer International Telecom 2011 Ping Identity Corporation 35
Featured Speaker