In the previous blog, I described IBM’s enormous new security initiative – since then, I’ve been trying to dig deeper into the new tools and methodologies that IBM envisions, and have some results to share!
One of our contacts within IBM was willing to give a fairly detailed under-the-hood look into their thinking:
First, IBM is making sure that their new security framework addresses the full web of compliance requirements, with the following viewed as core:
· Sarbanes-Oxley Act (SOX), Section 404
· Health Insurance Portability and Accountability Act (HIPAA)
· Gramm-Leach-Bliley Act (GLBA) Section 501
· European Union Data Protection Act
· Basel II
· PATRIOT Act
Second, a bit of insight into the methodology - IBM’s approach to security consists of multi-faceted protection from the core to the perimeter, and of helping clients put their security policy into practice by applying a unified process for assessing and addressing security and compliance concerns.
The steps involved in this unified process consist of Assessment, Planning, Implementation and Monitoring.
ASSESSMENT: IBM consultants will inventory enterprise assets, apply security policies and identify and prioritize vulnerabilities – elements will include:
· Gain a clear understanding of the client’s security and compliance posture
· Independently identify and prioritize vulnerabilities
· Inventory enterprise assets
· Determine adequacy of security systems, processes and policies
· Continually assess threat profile
IBM intends to identify gaps in a client’s security posture by conducting an Information Security Assessment or a Payment Card Industry Assessment, or to empower clients to do it themselves using:
· IBM Proventia® Enterprise Vulnerability Scanner software
· IBM Tivoli® Security Compliance Manager software
PLANNING: In this step, IBM intends to help organizations define an enterprise security roadmap that will close any gaps. Enterprise security policies, processes and procedures and an enterprise security architecture are also developed, and ongoing risk management and compliance programs are put in place. IBM also plans to help clients align security and business priorities, or to empower them to do it themselves by providing an information security framework.
IMPLEMENTATION: Leading-edge intrusion defense, data security, application security and network security to keep clients ahead of the threat. Components:
· Execute plans to preemptively help protect against internal and external threats
· Implement security architecture and encryption to help protect critical data
· Implement identity and access management
· Centralize policy enforcement for business data and unstructured information
· Design security incident response management plan
IBM will offer help in implementing plans through encryption architecture, design and implementation services, or empower clients to do it themselves using:
· IBM FileNet® P8 4.0 software for enterprise content management
· IBM Tivoli identity and access management technologies
· IBM Emergency Response Services
MONITORING: This last step consists of advanced monitoring and reporting capabilities designed to help organizations proactively detect, analyze and react to threats through the following services:
· Monitor and manage security infrastructure 24x7
· Maintain audit-ready posture
· Proactively detect, analyze and react to threats
· Continually monitor trends for emerging threats
In conclusion, this is obviously an ambitious program, but has caught my interest b/c I agree with IBM that the industry’s current approach is neither effective nor sustainable. I’m in favor of any attempt to improve the state of the art, and will continue to dig for details – much more to come!



