IBM Security Services Overview

Transcription

1 Services Overview Massimo Nardone Senior Lead IT Security Architect Global Technology Services, IBM Internet Security Systems THE VEHICLE THE SKILL THE SOLUTION

2 Today s Business Reality: More Risk, Fewer Resources TODAY S ECONOMY Computerworld With a faltering economy resulting in increased jobs cuts and corporate belt tightening, security analysts are warning companies to be especially vigilant about protecting their data and networks. Tough economic times create uncertainty in the workplace. When there is uncertainty, it creates stress for employees. It makes the company more vulnerable to threats. Shelley Kirkpatrick Management Concepts YOUR REALITY Cutting Operational Expenses Postponing hiring of additional IT staff, long-term projects and new initiatives in favor of near-term return on investment (ROI) Seeking productivity increases in the existing infrastructure Managing Increased Risks Increased risk of fraud and other criminal activity Increased threats from outside and within organizations The average cost per hour of unplanned downtime = $42,000 per 1000 transactions Maintaining Compliance Posture ~ 500,000 regulations have been imposed on global businesses, institutions and government agencies since % of consumers notified of a security breach will terminate their relationship with the company they perceive as responsible 2

3 Why? IBM Leadership Proof Points - 15,000 researchers, developers and SMEs on security initiatives - 3,000+ security & risk management patents security customer references and 50+ published case studies years of proven success securing the zseries environment - Already managing more than 2.5B security events per day for clients - Framework unites all investments - $1.8 billion invested in

4 Protection Platform Among the most advanced and complete security architectures ever developed delivering preemptive security Integrated security intelligence Comprehensive suite of professional security services Single, integrated view into the network Platform and service extensibility Correlation and integration of multiple data sources Underlying best-in-breed appliances 24/7 outsourced security management Improved system uptime and performance without a large investment in technology or resources Guaranteed protection services Protection Platform 4

5 The Global Extensive Infrastructure 8 Security Operations Centers 9 Security Research Centers 133 Monitored Countries 20,000+ Devices under Contract 3,700+ MSS Clients Worldwide 4 Billion+ Events Per Day IBM has the unmatched global and local expertise to deliver complete solutions and manage the cost and complexity of security 5

6 Professional Security Services 6

7 PSS: Comprehensive, Enterprise-Wide Security Services Assess - Application Security Assessment - Information Security Assessment - Policy and ISO Gap Analysis - Risk Assessments - Security Certification Program - FISMA Assessment - PCI Assessment - Penetration Test Deploy - Deployment Services - Migration Services Manage & Support - Emergency Response Services - Staff Augmentation & Support - X-Force Threat Analysis Service Design - Implementation Planning - Network Security Architecture Design - Policy Design and Development - QuickStart Programs for Regulatory Compliance - Security Strategy Workshop - Standards and Procedures Development Educate - Certification - On-Site & Off-Site Classes - Security Awareness Program - Third Party Classes 7 2/8/2010

8 Hudson s Bay Company addresses PCI compliance standards while improving their data security with IBM GTS and ISS. Business challenge: Facing regulatory mandates, the Hudson s Bay Company Canada s largest diversified general merchandise retailer needed to meet the Payment Card Industry Data Security Standard (PCI DSS). To help meet this requirement, the company sought a managed security service that could provide full-scale security management. Solution: To meet the requirements stipulated by PCI DSS, the customer engaged IBM Global Technology Services (GTS) and IBM Internet Security Systems (ISS). The solution provided the customer with log and security monitoring, as well as managed protection services. Meeting the PCI DSS regulations was mandatory, but IBM provided us with more than just compliance, Sensitive data is secure, systems are monitored closely for performance issues and our IT staff can focus on more mission-critical activities. Kristofer Laxdal Hudson s Bay Company Benefits: IBM GTS and IBM ISS helped to customer to address compliance with PCI DSS while reducing the consumption of internal IT resources. The customer was able to better anticipate, track and mitigate security threats before they caused harm to data or the IT infrastructure. IBM GTS and IBM ISS provided professional management of the customer s network devices and appliances.

9 A large cosmetics company improves security and meets PCI regulatory standards with IBM ISS. Business challenge: Faced with regulatory challenges mandated by the Payment Card Industry Data Security Standard (PCI DSS), a large cosmetics company looked to elevate their Level 2 PCI merchant status to a Level 1 requiring additional compliance requirements. This included an assessment of core environments, outsourced data centers, Web applications for third-party vendors and point of sale (POS) systems. Solution: IBM ISS Professional Security Services (PSS) assessed the customer s security gaps, performing remediation activities around internal/external penetration tests and policy documentation. In addition, IBM ISS installed Proventia Multi-Function Security appliances to protect both stores and offices and engaged ISS Managed Security Services (MSS) to consolidate and correlate the increased security information. Benefits: IBM ISS helped the customer meet PCI standards for Level 1 merchants by creating the necessary compensating controls. IBM ISS consultants leveraged their deep experience with a major merchant network and acquirer banks to help achieve compliance. IBM PSS consultants are often able to negotiate compensating controls and deadlines on behalf of customers. Solution components: IBM Professional Security Services (PSS) IBM Managed Security Services (MSS) IBM Proventia Network Multi-Function Security (MFS) - M10, M30, G400 PCI-DSS compliance expertise

10 Managed Security Services 10

11 Strengthened Portfolio through Vendor Alliances 11

12 Service provider of a major telco and ISP enterprise gains a powerful, comprehensive security solution Client requirements Company s network must be able to ward off numerous attacks and threats. They needed to provide its parent company with a deeper level of security as well as analyses of the incoming threats. Solution Company and IBM Global Technology Services deployed: Multiple IBM Network Intrusion Prevention Systems An IBM Network Enterprise Scanner An IBM Proventia Network Anomaly Detection System An IBM SiteProtector SecurityFusion Module. Benefits The new solutions provide a comprehensive intrusion detection and prevention solution that blocks attacks and then analyzes and reports them without slowing down the data traffic on the network. The total security solution delivers a better view of the data traffic on the network, as well as the needs of customers. Industry: Telecommunications Profile: a major independent telecommunication company and Internet service provider (ISP) in Europe Category: Security

13 A large Canadian fashion retail group achieves around-theclock protection for their IT infrastructure with IBM ISS. Business challenge: Conscious of threats to their IT infrastructure, a large Canadian fashion retail group sought to improve the security for their IT environment. The company did not have an Intrusion Protection System (IPS) or Intrusion Detection System (IDS) to help fortify their security nor the people to help manage such resources. Solution: IBM ISS helped the customer to implement a Managed Intrusion Prevention and Detection service, providing comprehensive protection for their networks and servers. The customer obtained a three-year contract with IBM ISS to manage and guide their IPS security solution - the first time the customer has outsourced part of their business. Benefits: The customer received critical protection without overwhelming their in-house IT team and resources. The customer gained around-the-clock, real-time access to professionally trained and certified security experts at IBM ISS. IBM ISS helped the customer lower their total cost of ownership (TCO) through reduced staff, maintenance and infrastructure requirements. Solution components: IBM Proventia Network Intrusion Prevention System (IPS) IBM Proventia Network Intrusion Detection System (IDS) IBM Managed Security Services

14 IBM ISS Managed Security Services Driving Cost Savings with Guaranteed Protection Goes beyond simple event monitoring and device management by offering the industry s leading performance-based service level agreement (SLA) with a $50,000 cash-back payment* by the leading-edge IBM Internet Security Systems (ISS) X-Force research and development team. Security Management Monthly Annual In-House $85,592 $995,102 ISS Managed Security $37,671 $452,051 Cost Savings $44,921 $543,051 In this example, leveraging a managed protection provider yields a 55% savings over in-house security. Assumes full security staff of 10 providing 24x7x365 coverage, managing 12 HA Firewalls and 6 IDS engines, attending 2 training classes/yr, 20% employee turnover, equipment costs allocated over 3 years, and maintenance costing 15% of total equipment costs. * Money-back payment (for Managed Protection Services - Premium Level only): If IBM Internet Security Systems fails to meet the Security Incidents Prevention Guarantee, client shall be paid US$50,000 for each instance this guarantee has not been met. Please see IBM Internet Security Systems SLAs for more details. 14

15 Portal Reporting The portal reporting engine provides a custom query capabilities that allow users to build reports for exactly the data they desire. All reports can be run in several formats and can be exported to HTML, CSV and PDF. 15

16