IBM Global Small and Medium Business. Keep Your IT Infrastructure and Assets Secure



Similar documents
Preemptive security solutions for healthcare

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

How To Protect Your Network From Attack From A Network Security Threat

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Cisco Advanced Services for Network Security

Provide access control with innovative solutions from IBM.

Cisco Security Optimization Service

IBM Internet Security Systems products and services

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

IBM Global Technology Services Preemptive security products and services

Staying a step ahead of the hackers: the importance of identifying critical Web application vulnerabilities.

Top Five Security Issues for Small and Medium-Sized Businesses

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Beyond passwords: Protect the mobile enterprise with smarter security solutions

2012 Endpoint Security Best Practices Survey

Reducing the cost and complexity of endpoint management

IBM Security Intrusion Prevention Solutions

Breaking down silos of protection: An integrated approach to managing application security

Payment Card Industry Data Security Standard

Top tips for improved network security

IBM Internet Security Systems

Implement security solutions that help protect your IT systems and facilitate your On Demand Business initiatives.

Securing the Service Desk in the Cloud

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Managed Security Services for Data

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

INFORMATION PROTECTED

Establish and Maintain Secure Cardholder Data with IBM Payment Card Industry Solutions

IBM Security QRadar Vulnerability Manager

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Zoo Atlanta installs an IBM Proventia Network Multi-Function Security system to guard against Internet threats and spam.

Strengthen security with intelligent identity and access management

Web application security: automated scanning versus manual penetration testing.

IBM Managed Security Services Vulnerability Scanning:

PCI Data Security Standards (DSS)

Small and Midsize Business Protection Guide

INSIDE. Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats

McAfee Total Protection Reduce the Complexity of Managing Security

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Internet threats: steps to security for your small business

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

IBM Rational AppScan: enhancing Web application security and regulatory compliance.

Cloud Security Who do you trust?

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

Safeguarding the cloud with IBM Dynamic Cloud Security

Advantages of Managed Security Services

AUTOMATED PENETRATION TESTING PRODUCTS

Security. Security consulting and Integration: Definition and Deliverables. Introduction

IBM QRadar Security Intelligence April 2013

White paper September Realizing business value with mainframe security management

Risk-based solutions for managing application security

How To Secure Your Business

Why Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation

IBM Security QRadar Risk Manager

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Conquering PCI DSS Compliance

Managed Services. Business Intelligence Solutions

Security management solutions White paper. Extend business reach with a robust security infrastructure.

IBM Security Privileged Identity Manager helps prevent insider threats

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME:

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

IBM Global Technology Services Preemptive Security Products and Services

Top five strategies for combating modern threats Is anti-virus dead?

SIZE DOESN T MATTER IN CYBERSECURITY

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

How To Secure Your Store Data With Fortinet

INTRODUCING isheriff CLOUD SECURITY

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

The Business Case for Security Information Management

Proven LANDesk Solutions

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Safeguarding the cloud with IBM Security solutions

External Supplier Control Requirements

10 Quick Tips to Mobile Security

Internet Content Provider Safeguards Customer Networks and Services

Application Security in the Software Development Lifecycle

SANS Top 20 Critical Controls for Effective Cyber Defense

Information Technology Security Review April 16, 2012

IBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

McAfee Server Security

Symantec Protection Suite Add-On for Hosted and Web Security

A HELPING HAND TO PROTECT YOUR REPUTATION

A Decision Maker s Guide to Securing an IT Infrastructure

I D C E X E C U T I V E B R I E F

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS


McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

IBM Security X-Force Threat Intelligence

Zone Labs Integrity Smarter Enterprise Security

State of Security Survey GLOBAL FINDINGS

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

Protecting against cyber threats and security breaches

Transcription:

IBM Global Small and Medium Business Keep Your IT Infrastructure and Assets Secure

Contents 2 Executive overview 4 Monitor IT infrastructure to prevent malicious threats 5 Protect IT assets and information from unauthorized access 7 Defend infrastructure, confidential data, applications and services 9 Summary Executive overview More business transactions occur electronically every year, and mid-sized organizations are retaining a growing volume of sensitive data. This data is available to an expanding user base, including employees, trading partners, suppliers and customers. IT infrastructures are more extensive, more complex, more distributed and more accessible. This accessibility is making organizations susceptible to attacks and intrusions from ever-increasing and evolving threats. Hybrid threats and sophisticated, profit-driven hackers are increasingly bypassing traditional security defenses like firewalls and anti-virus scanning. When an attack compromises data, an organization faces customer service issues and lost revenue, data and productivity, some of which might be unrecoverable. In many industries, there is also the requirement to retain data to comply with government regulations and audits losing this data to an external threat or insider attack could create severe consequences to your bottom line and reputation in the form of fines or even the closing of your business. In a recent McAfee poll of 1,400 IT professionals with at least 250 employees in their companies, one-third said that a major security breach could put them out of business. 1 With so much at risk, it would be logical to assume that companies are taking great care to make sure that their data, systems and IT infrastructure are protected from malicious threats. However, this is just not so. Most companies have only basic protections in place simple solutions such as VPNs, firewalls, anti-virus software and spyware detection. According to a recent Information Week article, most IT managers in mid-sized companies say they are ill-prepared when it comes to systems and security management and that they are not confident in their safeguards. 2 There are numerous reasons why so many companies do not have adequate protection from external and internal malicious threats. For mid-sized companies, the most common reasons are a lack of expertise and tools that 2

A large proportion of security execs admitted they re not in compliance with regulations that specifically dictate security measures their organization must undertake or risk stiff sanctions, up to and including prison time for executives. Alan Holmes, The Global State of Information Security 2006, CIO, September 15, 2006 3 are required to address today s security challenges adequately and the belief that hiring additional IT personnel or consulting staff is too expensive and too time-consuming for the average mid-sized company s budget. At the same time, companies are presented with a confusing array of solutions that are supposed to be comprehensive but in reality do not provide the protection necessary to keep not only systems, data and networks safe from attacks, but also investments and brand. IBM understands the challenges that mid-sized companies face when they try to make their IT infrastructures more secure. IBM IT Security solutions for mid-sized businesses deliver effective, easy-to-manage and affordable security capabilities that: Protect business-critical information Make information about security available on demand Can readily adapt to ever-changing threats Can help ensure that compliance requirements are met Our solutions help companies secure their IT infrastructure by: Monitoring IT infrastructure to prevent malicious threats Protecting IT assets and information from unauthorized access Defending infrastructure, confidential data, applications and services Using these solutions and drawing on the knowledge of IBM Business Partners, you can understand where you are vulnerable and protect your networks and critical information at several levels to reduce the risk and costs associated with a security breach. These solutions are designed and priced for mid-sized companies that are seeking exceptional performance but also want applications and tools that are easy to install, use and manage and help from experts. This paper describes these solutions and how they meet the requirements for a secure IT infrastructure. 3

Monitor IT infrastructure to prevent malicious threats Today s hackers are more technology savvy than ever. Even less experienced intruders are finding ways to bypass common security mechanisms such as patches, firewalls, VPNs and anti-virus updates to breach or damage Web sites, applications and infrastructures. They are attacking applications at multiple levels and using wireless access points to gain unauthorized entry. In a secure IT infrastructure, virus, spy ware, spam and hacker intrusions and the risk of unauthorized access to assets and information are minimized by proactively monitoring and blocking threats to the IT environment from external and internal invasions. IBM and our Business Partners provide a set of solutions designed to help you monitor and protect your IT infrastructure. To monitor your systems and networks effectively, you need to know where the weaknesses in your IT environment are. IBM Express Vulnerability Assessment can help you identify your weak points and define ways to reduce risks. IBM experts assess the security of your Web-based systems and the potential business impacts of security breaches. The experts then present a final assessment report that ranks IT weaknesses as high, medium or low risk. The solution has worldwide scalability, too our consultants can reach around the world for standardized evaluation at all sites. Another step in safeguarding your IT environment is to address weaknesses before they can be exploited and to have comprehensive preemptive protection against unknown threats. IBM Express Managed Security Services for Web Security features anti-virus and anti-spy ware services and URL filtering. These services monitor Web traffic and block viruses or spy ware from being downloaded as part of a Web page. The IBM Proventia Network Intrusion Prevention System automatically blocks malicious attacks while preserving network bandwidth and availability. In addition to ensuring business uptime, this solution helps businesses comply with regulatory mandates and industry standards. 4

Monitoring your network and systems also means watching for unauthorized users on your property that might be trying to gain access to information. IBM Consulting, Integration and Deployment Services for Surveillance and Security provides services ranging from assessment, strategy and architecture to deployment and integrated security applications running on a modular architecture. The IBM solution goes beyond the obvious components for monitoring your infrastructure. To help you assess the impact of regulatory changes, establish a flexible software delivery process, plan and execute risk mitigation strategies and generate the documentation necessary to help pass audits, we offer IBM Rational ClearQuest. Also, IBM Secure Perspective for System i helps you define an understandable security policy using natural language, so that it is meaningful for all parties in your business. It then implements your system security settings, demonstrates compliance to your policy and reports on your compliance. Protect IT assets and information from unauthorized access Access to sensitive data has expanded far beyond the walls of organizations. At any given time, employees, trading partners, suppliers and customers all might be connecting to one or more of your company s data repositories. This interconnectedness affords you many benefits, but it also introduces a great deal of risk. To try to control access, most companies are introducing processes such as more passwords and other identity recognition tools. However, by doing this, they risk affecting user productivity. For example, employees and other users have so many passwords that they cannot always remember them, resulting in lost time and effort spent contacting the party responsible for resetting the password. There are other, potentially more serious risks. Consider what might happen if one of your employees keeps passwords in a PDA or day planner and then leaves it at a public place like a coffee shop. Access to your proprietary and sensitive information is compromised. 5

IBM IT security solutions for protecting assets and information from unauthorized access deliver effective, easy-to-manage and affordable tools that keep business-critical information out of the hands of the wrong people while streamlining user access. Using these solutions, organizations protect their networks and critical information at several levels to reduce the risk and costs associated with a security breach without sacrificing user productivity. Identity management is a key component of this IBM solution. IBM Tivoli Identity Manager Express is an automated identity management solution designed especially for mid-sized organizations, supporting up to 5000 users. It can help you manage an increasing number of users with fewer resources by establishing a central point to manage user rights. To advance your identity management, compliance and authentication initiatives, IBM Tivoli Access Manager for Enterprise Single Sign-On provides single signon for all your applications without a lengthy and complex implementation effort. The architecture supports your technical requirements and computing environment and integrates with Tivoli Identity Manager Express. Controlling access also means patching and protecting system flaws that could compromise your business. Keeping your sensitive information safe requires a solution that combines vulnerability management with preemptive blocking techniques to optimize protection. With IBM Proventia Network Enterprise Scanner, you gain detailed visibility into system vulnerabilities, you can prioritize and assign ownership to risk-reducing activities, you can organize and track remediation tasks and you can generate reports that demonstrate the successful results of your work. Unauthorized users often exploit e-mail systems to gain access to your information and documents. You need to keep malicious e-mailers out while retaining e-mail correspondence for legal purposes and compliance. IBM CommonStore is a family of e-mail archive management products used to help mid-sized companies protect their critical business assets from the access issues created by the proliferation of e-mail. IBM Content Manager goes one 6

The average fraud scheme continues for 18 months before being detected. Association of Certified Fraud Examiners, 2006 ACFE Report to the Nation on Occupational Fraud and Abuse. 4 step further, helping you use your digital information for maximum effect while ensuring that only authorized users have access to your content. From multimedia to text, this solution supports a range of information formats and makes content from multiple applications and workgroups available only to those granted access to that content. Defend infrastructure, confidential data, applications and services Watching and monitoring your systems and infrastructure and managing user access to them are similar to having a lookout in a tower and a drawbridge controlled by a keeper to protect a castle. However, without a moat and several layers of walls, the castle isn t completely safe. The same can be said for your infrastructure, confidential data, applications and services. You need more than a lookout and a gatekeeper you need strong protection that will block any attempts by unwanted intruders to attack. You also need to take it one step further, and put protection in place that can stop attacks from the inside. The IBM IT security solutions for defending your infrastructure, confidential data, applications and services proactively block internal and external threats so that your company can keep running if there is a security incident. They also speed the detection and reaction time. A favorite target of attack is your network. Hackers and automated network sniffers constantly scan the Internet for vulnerable systems. And insufficiently encrypted traffic can expose your confidential information. IBM Express Managed Security Services for Firewall and VPN is a managed service that helps you protect your network while reducing maintenance requirements and costs. It provides IBM hardware that can be set up easily at your location with help from the IBM Help Desk or an IBM Business Partner and professional management. IBM Lotus Mobile Connect protects your wireless communications by creating a mobile VPN that encrypts data over vulnerable wireless LAN and WAN connections so that your mobile employees can access enterprise resources. For added defense, IBM Proventia Network 7

Multi-Function Security appliances stop all types of Internet threats before they penetrate your network and IBM Proventia Network Intrusion Prevention System delivers uncompromising protection for every layer of the network, protecting your business from both internal and external threats. As mentioned in the previous section, another source of threats are the viruses and worms that often arrive in e-mails, leaving company assets at risk, jeopardizing compliance and diminishing worker productivity. IBM System p5 Network E-Mail Security Express helps protect e-mail from virus, spam, phishing and fraud attacks. Powerful enough to protect business-critical e-mail and flexible enough to adapt readily to ever-changing e-mail threats, it features a network e-mail monitor, multiple spam scanning engines and multiple virus detectors to prevent threats from reaching desktops. IBM Express Managed Security Services for e-mail security can also help you mitigate the risks inherent in e-mail communications. This solution provides a comprehensive suite of services that scan and monitor your Internet e-mail before it ever reaches your network giving you confidence that your company s e-mail is free from harmful or damaging content. Defending your assets also includes your physical and human assets. IBM Digital Video Surveillance and Security is a comprehensive data capture, storage and retrieval solution that safeguards the privacy of digital content, while providing fast, easy access to footage for authorized personnel. It automatically archives new content and purges old footage and helps security personnel effectively collaborate with internal departments and external agencies during emergencies. It also deters violence, vandalism and other illegal behavior because it can capture and quickly retrieve high-quality images that might be admissible in court. 1 8

Organizations that reported that their security policies and spending are aligned with their business processes experienced fewer financial losses and less network downtime than those that did not. Alan Holmes, The Global State of Information Security 2006. 5 Summary IT security offers many benefits by building a secure dynamic infrastructure. These include: Expansion of your business reach on a global scale Trusted electronic relationships with your trading partners Improved response to customer needs and marketplace demands Strong employee and partner relationships Reduced regulatory, financial and legal exposure Improved business productivity Risk management Protection of information assets Prevention of problems before they occur IBM and our Business Partners have put together the IBM Express Advantage portfolio of IT Security solutions to address each type of IT security threat. These solutions are designed and priced specifically to help medium-sized businesses meet the challenges of today s environment. In addition, several solutions in the portfolio can be hosted at IBM sites to ease your burden of acquiring and maintaining the hardware and software. Only IBM and its vast network of Business Partners provide a range of solutions to help mid-sized companies improve the security of their IT infrastructures, as well as deep expertise in every industry, extensive local presence, and the support and backing of IBM to deliver simple, affordable, custom solutions. 1 Sharon Gaudin, Companies Say Security Breach Could Destroy Their Business. InformationWeek, 24 April 2007. http://www.informationweek.com/showarticle.jhtml?articleid=199201085 2 Sharon Gaudin, IT Managers Fear Security Breaches Could Cost Their Jobs. InformationWeek, 30 April 2007. http://www.informationweek.com/showarticle.jhtml;jsessionid=dqiu10doktvhwqsndlr CKH0CJUNN2JVN?articleID=199202582&queryText=king+research 3, 5 http://www.cio.com/article/24979/the_global_state_of_information_security_/1 4 http://www.acfe.com/fraud/report.asp 9

2007 IBM Corporation IBM Corporation Software Group Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America 05-07 All Rights Reserved. IBM, the IBM logo, System x, Tivoli and WebSphere are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries or both. Other company, product and service names may be trademarks or service marks of others. References in this publication to IBM products or services do not imply that IBM intends to make them available in any other countries. The IBM home page on the Internet can be found at ibm.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information