Managed Security Services on the Cloud by IBM
othon-cabrera -
© 2012 IBM Corporation
Managed Security Services
Selling Enterprise Security Services From the Cloud
Data tops concerns relative to cloud computing…
• Protection of intellectual property and data: 30%
• Ability to enforce regulatory or contractual obligations: 20%
• Unauthorized use of data: 14%
• Confidentiality of data: 11%
• Availability of data: 9%
• Integrity of data: 8%
• Ability to test or audit a provider’s environment: 6%
• Other: 2%
Source: Deloitte Enterprise@Risk: Privacy and Data Protection Survey
Security Services Market Dynamics
Market dynamics – Because numerous security technologies have been invented to resolve a variety of security issues, the security market is very fragmented and crowded with a large number of vendors providing specific solutions. New technologies are evolving rapidly, and M&A has been incredibly active in the past few years. However, there are very few “full scale” security solution providers that can globally provide customers of different sizes and industries with a comprehensive portfolio of security solutions that combines security technologies with consulting, implementation, and managed services.
IBM has:
• Solution comprehensiveness: IBM has a unique position in the market as a true end-to-end security provider – we address virtually any dimension of customers’ security challenges.
• Leading technologies: All of IBM’s security solutions are built on unparalleled security technologies invented by IBM research (including X-Force) & development or market leading product vendors (
• Global delivery: IBM has thousands of consultants, specialists, and delivery experts and global security operation centers to deliver professional, managed, and cloud security services to customers in almost every country in the world.
IBM Global Technology Services
The worldwide (WW) security services market is a $31.5B opportunity in 2011, growing at a CAGR of 10.8% through 2015
Professional Services
Consulting Service $9.66B
Education $3.02B
Managed Services $4.51B
Implementation Service $14.29B
Major actors:
MSS – IBM, Dell SecureWorks, Symantec, Verizon, AT&T, HP, Wipro
Cloud Services – IBM, HP, McAfee, Verizon, Symantec, SecureWorks
Consulting services (PSS) – IBM, Deloitte, PwC, E&Y, Accenture, KPMG, Verizon
Capability: The IBM Security Framework
Delivering intelligence, integration and expertise across domains
Intelligence ● Integration ● Expertise
IBM Security
End-to-end coverage across domains
6K+ security engineers and consultants
Award-winning X-Force research
Analyst recognized leadership
Continued commitment to investment
Trusted Advisor to Global companies
Security & Privacy Leadership
Helping clients begin their journey to the cloud with relevant security expertise
IBM Managed Security Services approaches the problem two ways:
Security for the Cloud
• Cloud Security Strategy Roadmap
• Application Security Assessment
• Penetration Testing
• Identity and Access Management
• Cloud Security Assessment
Security from the Cloud
Subscription, cloud-based monitoring and management security services that help reduce costs and complexity, improve security posture, and meet regulatory compliance:
• Security Event and Log Management
• Vulnerability Management Services
• Hosted Application Security
• Hosted Mobile Device Management
• Managed Email / Web Security
• X-Force Threat Analysis Service
Security FROM the Cloud: Hosted Application Security Management (HASM)
Service Overview:
Helps customers identify and remediate web application vulnerabilities on Internet facing servers without the need to purchase, install, and configure separate servers and software packages. The solution tests for common Web application vulnerabilities including Cross-Site Scripting, Buffer Overflow, and Web 2.0 exposure scans.
Service Quick Facts:
Service Type: Cloud / Managed
Average Project: $100K-750K
Key Offering Capabilities:
Full AppScan Enterprise access: The solution delivers the power of enterprise class application assessment capability directly to the organization via a cloud based delivery model.
Skilled experts to assist in analyzing scan results: Dedicated one on one time with security experts is included in the service to assist with interpretation of scan results and applicable remediation strategies
Suggested fixes and remediation steps provided: Scan results are accompanied by detailed fix suggestions that guide developers to solutions and best practices.
24x7 support and on-demand access: The HASM platform and associated support are available from IBM experts 24x7.
Service Value Proposition / Benefits:
Reduces risk with an unmatched time to value
Allows for vulnerabilities to be identified and remediated without in-depth expertise
Application Security Analysts consult with clients to help build a prioritized remediation strategy.
Business Challenges:
Web apps represent the fastest growing threat vector
70% of companies view web 2.0 as a top security concern
Web vulnerabilities are easily remotely exploited
Web app scanning is required by regulations such as PCI.
Situations that drive the need for HASM
• Is the organization subject to federal or state legislative regulations or industry compliance standards? (PCI / HIPAA / SOX / GLBA)
• If so, then you need to assess the application to provide validation that it is within compliance standards and regulations.
• The Hosted Application Security Services conducts application assessments that help to provide required information for compliance regulations.
• Is the web site used to collect any customer information?
• Is it used to send or receive sensitive information – including corporate IP, employee data, customer or partner information?
• Is it accessed by hundreds, thousands (or even millions) of users?
Security FROM the Cloud: Hosted Mobile Device Security Management (MDS)
Service Overview:
Designed to provide expert monitoring and management of policy enforced mobile connectivity to corporate and enterprise-wide assets. Incorporates design and deployment capabilities along with managed services to accelerate time to value and drive established security measures to mobile endpoints.
Service Quick Facts:
Service Type: Cloud / Managed
Average Project Size: Varies
Key Offering Capabilities:
Backed by IBM’s industry leading MSS: Managed and monitored by IBM, one of the largest Managed Security Service Providers in the world.
Broad mobile platform support: Offers support for leading mobile operating systems allowing for broad applicability of policy and technology.
Turn-key implementation: Comprehensive deployment strategies designed to simplify the rollout and reduce the burden on security / IT teams
Secure, policy based connectivity: When used in conjunction with the Juniper SA gateway, secure, policy based enforcement can be applied across mobile devices accessing corporate resources.
Deep security technology: Introduces enterprise class security to mobile endpoints: FW, AV, AS, etc.
Service Value Proposition / Benefits:
Gain control over data stored on mobile endpoints
Helps organizations reduce the impact of lost devices
Supports the consumerization of mobile rollouts while retaining a responsible and secure approach to data management
Business Challenges:
Attainment of mobile security skills can be challenging
Most mobile deployments combine corporate and employee owned assets with varying security controls
More data lives on smartphones than ever before
Situations that drive the need for MDS
• What security policies does your company have for corporate desktops and laptops?
• Are your employees' mobile devices compliant with relevant security policies?
• Do you allow your workforce to access corporate data from their personal mobile devices?
• Do you want to embrace mobile technology to provide flexibility to your employees?
• Are you aware of the potentially disastrous risks and threats that can affect mobile devices?
• Do you lack the in-house expertise and technology needed to ensure secure mobile access to corporate data?
• Today’s mobile device should be viewed as any other endpoint device in the organization; having an overall endpoint security strategy is key.
• There are differences between desktops/laptops and mobile devices.
• The risk of breaches for mobile devices is the same or even greater due to the proliferation of smartphones.
Security FROM the Cloud: Security Event and Log Management (SELM)
Service Overview:
The Security Event and Log Management Service enables compilation of the event and log files from network applications, operating systems, and security technologies into one seamless platform. The SELM offering allows for automated analysis of IPS data as well as robust query and research capabilities against a variety of different log types.
Service Quick Facts:
Service Type: Cloud / SaaS
Average Project Size: Varies
Key Offering Capabilities:
Two tiers of service: SELM is available in Standard and Select service levels allowing for varying degrees of analysis and analytics to be applied to data types
Integrated workflow and analysis capabilities: With SELM’s integrated workflow and analysis capabilities, security issues can be investigated, escalated, and recorded using IBM’s web based tools
Custom log parser and correlation engine: Easily use regular expressions to add support for custom log sources and correlation rules
Forensically sound storage and archival: SELM employs best practice processes for storage
Seamless blending of MSS and non-MSS data: SELM blends managed and unmanaged logs and events into a common data set
Service Value Proposition / Benefits:
Improve time to value by leveraging an on-demand cloud based platform
Shorten investigations for suspicious/malicious activity
Centralize key data and reduce storage burdens
Challenges:
Information and event management solutions can be costly and overly complex depending on needs
Data often spans geographies and obtaining a consolidated view can be difficult and costly
Many solutions struggle with real-time analysis
IBM Confidential
Situations that drive the need for SELM
• How are you managing, monitoring and archiving both log and event data across your enterprise?
• Does your company have a formal log management and monitoring process that supports analysis, escalation, and investigation?
• Do you consolidate log data from disparate geographies and systems or is this data spread among many separate locations?
• In the event of a security incident, can you effectively query and analyze logs from hundreds or thousands of systems in minutes?
• Could your security team use additional time and budget to address security issues?
• Do you have the tools in place for centralizing data, storing it long term (up to 7 years), and automating analysis?
• What tools are being used for existing efforts? Are those tools integrated off the shelf or cobbled together?
• What would be the implications of a distributed data deployment if you attempted to quickly respond to a global security incident?
• How would you check all of your systems for suspicious activity if you knew of an attacker's IP or a compromised account?
Security FROM the Cloud: Hosted Vulnerability Management Service (VMS)
Service Overview:
Offers network based vulnerability assessment from the cloud via the VSOC web portal. Scans can be configured and scheduled via the web, with scanning performed from the cloud or via IBM managed scanners at the customer premises. Results are archived in the cloud, and accompanied by reporting, workflow, and remediation capabilities.
Service Quick Facts:
Service Type: Cloud / SaaS
Average Deal Size: $75K-300K
Key Offering Capabilities:
Vulnerability management: Agent-less scanning from both inside and outside the firewall
Remediation guidance and workflow: Fix vulnerabilities quickly and easily with the information provided in remediation reports
Intelligent scanning: Delivers accurate scanning results in less time with a system that follows an assessment similar to that used by ethical hackers.
PCI compliance assistance: IBM can serve as an Approved Scanning Vendor (ASV) in support of PCI compliance initiatives
Web and database vulnerability detection: Identifies basic web and database vulnerabilities to satisfy compliance requirements
Service Value Proposition / Benefits:
Streamlined SaaS delivery model saves clients money and improves time to value.
Assists with compliance efforts for multiple regulations, including PCI
Reduces risk and improves security posture.
Business Challenges:
Vulnerabilities allow easy access to systems
Proper assessment and remediation is required for compliance initiatives
Today’s solutions can be difficult to use and manage
Situations that drive the need for VMS
• How are you managing software vulnerabilities (Network, database, and application) in your IT environment today?
• Does your company have a formal vulnerability management program that supports frequent scanning, prioritization, and remediation efforts?
• Does your current scanning solution support network, application and database vulnerabilities?
• Have you considered the cost savings that could be realized by leveraging scanning from the cloud vs. maintaining your own solution in-house?
• Could your security team use additional time and budget to address big picture issues in your environment?
• What is the importance of a vulnerability management program with repeatable process, documentation, reporting, and validation?
• What tools are being used for your existing efforts? Are those tools integrated off the shelf or cobbled together?
‘Cloud security service’ value
The value proposition for cloud security has become widely understood, creating projects within many enterprises.
Services FROM the cloud:
Online access to key security tools that enable clients to efficiently perform key security functions
Reduced up-front capital investment and deployment
Lower overall security management costs
Quicker time to deploy and time to value vs. on-premise
Reduced on-premise skill requirements
Ability to standardize capabilities on one platform
Ability to rapidly consume software improvements
IBM Managed Security Services helps answer critical security questions
Firewalls, Intrusion detection, Routers/switches, Servers, Emails, URLs
Answering customers’ critical questions:
• Am I being targeted?
• Where else has this IP been?
• What’s the attack vector?
• Is the attack approach custom or common?
• Is the attack against a vulnerable system?
• Is there a block or prevention rule?
• Can you shut down that port?
• Is this website malicious?
• Is that an email virus?
Virtual SOC Portal
9 security operations centers
13+ billion events per day
IBM’s global security expertise extends to cloud and is trusted by some of the world’s most demanding companies!
15B-plus events managed per day
1,000-plus security patents
133 monitored countries (MSS)
9 Security operations centers
9 Security research centers
11 Security development labs
400 Security operations analysts
520 Field security specialists
941 Professional services security consultants
3,300 Strategic outsourcing security delivery resources
Map legend: Security Operations Centers, Security Research Centers, Security Solution Development Centers, Institute for Advanced Security Branches
IBM Security Services – Cloud Security Resources
Offering Details:
Hosted Application Security Management
Hosted Vulnerability Management
Hosted Mobile Device Security Management
Hosted Security Event and Log Management
Web Pages:
IBM Cloud Security Web page
Tools:
MSS Total Cost of Ownership
Papers:
Cloud Security Guidance
Strategies for Assessing Cloud Security
Leveraging Security from the Cloud
IBM POV: Security and Cloud Computing
Find a selection of IBM Cloud offerings for Partners at:
http://ibmcloudcatalog.blogspot.com