THE PREMIER SERVICE MANAGEMENT EVENT May 18 - 22, 2008 | Orlando, Florida Business Partner Summit Maximize Your Sales with Business Security Solutions

THE PREMIER SERVICE MANAGEMENT EVENTMay 18 - 22, 2008 | Orlando, Florida

Business Partner Business Partner SummitSummit

Maximize Your Sales with Business Security SolutionsMaximize Your Sales with Business Security Solutions

Bob Kalka, Global Security Enablement [email protected]

2

Agenda

• A Sales Perspective on Business Security

• IBM Corporate Security Strategy

• Relationship with IBM Service Management

• 1H08 Tivoli Security Sales Plays

• Top Opportunities

• Our Unique Value

• Summary

3

Massive insider breach at DuPont February 15, 2007 By: Larry Greenemeier

The world is riskier than it used to be…

iTunes back to normal after holiday traffic quadruplesABC News: December 28, 2006

Bill Would Punish Retailers For Leaks of Personal Data by Joseph Pereira (February 22, 2007)

TJX data breach: At 45.6M card numbers, it’s the biggest ever March 29, 2007 By: Jaikumar Vijayan

Bill would punish retailers for leaks of personal dataFebruary 22, 2007By Joseph Pereira

Societe Generale Uncovers Massive FraudJanuary 24, 2008By: Emma Vandore

4

More demands for personalized service

New standards & regulations

Improve operational efficiency – manage costs

Acquisitions &mergers

Seamless access to infrastructure – anytime/anyplace

Need for a consolidated view of information and applications

Inadequate return on investment in IT

Protect security and privacy of critical assets

Need to streamline linkages with partners and suppliers

Legacy system integration

Increasing volume of data

Increasingly mobile workforce

External system threats

Business Challenges - Sound Familiar?

5

Business Challenges – The Simple View

1. Can I protect against internal and external security threats and vulnerabilities? (IT Security)

2. Can I protect my business initiatives? (Business)

• Who can come in?

• What can they do?

• Can I easily prove it to an auditor?

PHYSICAL

INFRASTRUCTURE

DATA

USERS

APPLICATIONS

6

The Simple Answer is “No, I Can’t”

PHYSICAL

INFRASTRUCTURE

DATA

USERS

APPLICATIONS

Disclosures of Sensitive Business Data(IT Policy Compliance Group, 2007)

Between 3 and 2270%

More than 22 incidents

20%Less than 3

10%

7

IBM Security Framework

“Marketecture”

The IBM Security Framework

Common Policy, Event Handling and Reporting

Security Governance, Risk Management and Compliance

Network, Server, & End-point

Physical Infrastructure

People and Identity

Data and Information

Application and Process

Managed Security Services

Security Hardware

and Software

Professional Services

Physical Security Solutions

Security Governance, Risk & Compliance Solutions

Threat and Vulnerability Mgmt & Monitoring Solutions

Application Security Lifecycle Mgmt Solutions

Identity and Access Management Solutions

Information Security Solutions

8

People and IdentityNetwork, Server, End Point

Data & Information Process & Application

ITITB

usin

essB

usin

ess

C(I)SO

CFO/CCO LoB/App. Architecture

CSO

Market Opportunity

Overview: Protect & secure data & information

2008 Opportunity: $5.5B, 08-11 CAGR 28%

Overview: Continuously manage, monitor and audit application security

2008 Oppty: $400M, 08-11 CAGR 20%

Overview: Comprehensive threat & vulnerability management across networks, servers & end-points

2008 Oppty: $11.6B, 08-11 CAGR 12%

Overview: Enable secure collaboration with internal and external users with controlled access to information, applications and assets.

2008 Oppty: $3.7B, 08-11 CAGR 16%

9

IBM Service Management (ISM)

VisibilityVisibility

See See your your

businessbusiness

Only IBM delivers integrated

visibility across Business & IT

Audiences.

ControlControl

Govern Govern your your

assetsassets

Only IBM delivers integrated control across Business

& IT Assets.

An Integrated Approach to Getting Business Results

AutomationAutomation

Build agility Build agility into into

OperationsOperations

Only IBM delivers integrated

automation across Business & IT Operations.

10






People and Identity




• SECURITY COMPLIANCE

• Demonstrable policy enforcement aligned to regulations, standards, laws, agreements (PCI, FISMA, etc..)

• IDENTITY & ACCESS (USERS)

Enable secure collaboration with internal and external users with controlled and secure access to information, applications and assets

• INFORMATION SECURITY (DATA)• Protect and secure your data and information

assets

• APPLICATION SECURITY

•Continuously manage, monitor and audit application security

• INFRASTRUCTURE SECURITY

• Comprehensive threat and vulnerability management across networks, servers and end-points

Compelling Reasons to Act

11

Security Compliance Aligning IT security to business priorities

Our ValueOur Value

•Quickly prove that only the right people are getting access to your sensitive business data

•Effectively collect and report on all of the audit-relevant events, alerts and logs generated in your infrastructure every day

•Validate that all systems, including System z, are securely configured

Tivoli OpportunitiesTivoli Opportunities

• Tivoli Security Information & Event Management (TSIEM)

• Tivoli Compliance Insight Manager (TCIM)

• Tivoli Security Operations Manager (TSOM)

• Tivoli zSecure Suite

• Tivoli Security Compliance Mgr

Cross-Brand OpportunitiesCross-Brand Opportunities

• ISS SiteProtector and partnerships for Data Leakage Protection

• GBS and GTS/ISS Services

• IM DB2 Audit Management Expert (AME) and Entity Analytics

12

Meeting Requirements of the Digital DozenThe products outlined in this chart highlight IBM capabilities. Please call your local IBM executive for a full listing of all products and services that map to PCI requirements

•Tivoli Security Compliance Manager•IBM ISS Enterprise Scanner•IBM Rational AppScan

•TSIEM

•IBM Digital Video Surveillance•IBM Biometric Access Control

•IBM Tivoli Identity Manager•IBM Tivoli Federated Identity Manager

•IBM Tivoli Access Manager•IBM Tivoli zSecure Admin

•IBM ISS Proventia •IBM ISS Enterprise Scanner

•Professional Services•TSIEM

•IBM ISS Proventia

•IBM Tivoli Access Manager•TSCM

•IBM Storage Manager•IBM PKI Services

•IBM Data Encryption of IMS and DB2•IBM Websphere•DataPower XML Security Gateway

•IBM Tivoli CCMBD•Rational Release Manager•IBM Rational AppScan•ISS Enterprise Scanner

13

Our ValueOur Value

•Provisioning: Quickly setup and/or recertify user account access across all platforms, including System z

•Quickly locate and manage invalid user accounts

• Productivity: Increase user productivity through convenient yet secure single sign-on support

•Access and Audit: Control access to applications consistently, across enterprise, web, and SOA-based applications.


• Tivoli Identity Manager v5• including key partnerships

• Tivoli Access Manager family (TAMeb, TAM ESSO, TAMOS)

• Tivoli Federated Identity Mgr

• Tivoli zSecure Suite



Cisco Secure

ACS

Cisco Secure

ACS

Business Applications

Authoritative Identity Source

(Human Resources, Customer Master, etc.)

TIM Trusted Identity Store

Accounts

jcd0895jdoe03

doej

John C. Doe

Sarah K. Smith

smiths17

Sarah_s4

ackerh05

nbody

Sarah’s Manager

RecertificationRequest

Access Revalidated and Audited

11

22

33

44

55

Identity & Access ManagementManage users, identities, access rights, enforce & monitor user activity on all IT systems

14

Duke MedicineHealthcareTivoli Identity Manager Tivoli Business Systems Manager, Tivoli Monitoring Tivoli Enterprise Console, Tivoli Application Dependency Discovery Manager

“Disaster recovery is not an acceptable option for healthcare institutions. We wanted to focus on disaster avoidance and business continuity and achieve a goal of no downtime.”

Rafael Rodriguez, Associate CIO, Academic and

Infrastructure Services,Duke Health Technology

Solutions

Value Drivers:Value Drivers:

• Enhance healthcare delivery and build a secure foundation for patient-centric care through a Service Oriented Architecture based IT infrastructure that drives greater alignment, visibility and control of IT services.

Solution:Solution:

• An IT infrastructure transformation program that helps staff drive growth, find every efficiency and manage risk

Value Realisation:Value Realisation:

• Improved service availability enhanced compliance and security strengthened relationship between patients and care providers reduced IT management costs to redirect IT dollars to new initiatives

15

Banco Mercantil do BrasilBanking, Financial MarketsIBM Tivoli Identity Manager

“We have already reduced from seven days to two days the time it takes to provide employees with access to IT resources, including human resource processes, identifications and passwords,”

Roberto Pérez Herrera,Technical Support Manager,

Value Drivers:Value Drivers:• To fine tune its business model, Banco Mercantil do Brasil needed

to automate access management processes for its internal applications.

Solution:Solution:• To fine tune its business model, Banco Mercantil do Brasil needed

to automate access management processes for its internal applications.

Value Realisation:Value Realisation:• Users can now control and synchronise their own passwords.• The calls related to password service are down 30 percent,

resulting in a savings of at least 450,000 USD annually• HR managers can create and cancel employees’ and consultants’

accounts in just two days instead of seven days• Employees and consultants have access only to applications

related to their responsibilities• Account holders can create and change their passwords faster,

increasing employee productivity and strengthening security.

16

Data Security

Our ValueOur Value

•Consistently control access to both structured and unstructured data across all environments, including System z

Tivoli Access Manager (with FileNet), Tivoli Access Manager (with FileNet), Tivoli zSecureTivoli zSecure

DLP (Partnership), Records Crawler, DLP (Partnership), Records Crawler, IBM Classification ModuleIBM Classification Module

Encryption, Key Lifecycle ManagementEncryption, Key Lifecycle Management

Data & Information SecurityData & Information Security


• Tivoli Access Manager• IBM Unstructured Data

Security Solution-IBM Classification Module

• Strong Authentication-FileNet

• Tivoli zSecure Suite• Tivoli Key Lifecycle Manager

(2008


• IM IBM Classification Module

• IBM FileNet

• ISS partnerships for Data Leakage Protection


Protecting a critical enterprise asset

17

IBM Unstructured Data Security Solution delivers immediate benefits• Classify

• Improve visibility and organization of unstructured content• Enhance user productivity and collaboration by streamlining access to

unstructured content• Secure

• Improve security by securing the data that needs securing• Reduce administration costs by centralizing the management of privileged

user access• Monitor

• Enhance visibility and improve risk management of privileged users• Enable compliance and streamline reporting

IBM ClassificationModule

IBM Tivoli Access

Manager for Operating Systems

IBM Tivoli Compliance

Insight Manager

18

Application SecuritySecurity policy management for an application from creation through production

Our ValueOur Value

• Consistently and auditably control access to all of my applications – enterprise, web, and SOA-based

• Shield developers from changes to security policy (authentication, etc.)

• Protect against the most common application-level vulnerabilities

BuildBuild

Developers

Developers

Developers

CodingCoding TestTest ProductionProduction

Provides Developers and Testers with expertise on detection and remediation ability

Enables Chief Security Officers to drive remediation back into development & QA

Ensures vulnerabilities are addressed before and after applications are put into production

Provides user access control and can help remediate known vulnerabilities


• Federated ESB (‘identity-aware’)• Tivoli Federated Identity

Mgr

• Application Vulnerabilities• Tivoli Access Manager


• SOA: WebSphere (ESB, WSRR, WAS, Portal Server, WPS

• Enterprise: Rational AppScan and WebXM

19

The Federated Enterprise Service Bus (ESB)for SOA Environments

• The Federated ESB is a core application of Security as a Service• Drives ESB to become ‘identity-aware’• TFIM is a core component

Service A Service B

Enterprise Service Bus (ESB)

Ray [email protected]

Security Token Service

Exchange this representation of the user from Service A for one that

Service B will understand

New representation of user identity

(for Service B)(WS-Trust)

Authorization Service

Authorized ? Yes/No

20

Major Mutual Funds FirmFinancial MarketsTivoli Access Manager for e-business, Tivoli Federated Identity Manager

Value Drivers:Value Drivers:•The company needed to deploy hundreds of new Web applications to millions of customers, while at the same time integrating new corporate customers into its federated Web portal. .

Solution:Solution:•The path selected by the company to handle 400 applications protected by common access-control policy was IBM Tivoli Access Manager for e-business software. This application accommodates some 2.5 million users.

•To integrate new corporate customers into the company’s portal, the client deployed IBM Tivoli Federated Identity Manager software, a tool that offers a simple model for secure identity management and information access.

Value Realisation:Value Realisation:• The overall benefit to the

company with the new solution is the peace of mind of knowing that all of its data is secure.

• From a financial standpoint, the client saved US$60,000 per application by centralizing its security policy, in part by reducing the number of help-desk calls by 61 percent.

• Going forward, the client will be able to integrate new corporate customers in a matter of days.

21

Together, Rational AppScan and Tivoli Access Manager provide enhanced application security

Site wide discovery, inventory and assessment of all web applications• Increase TAM usage by finding applications that are not registered • Show that TAM apps are more secure by comparing security of those that are not in

TAM to TAM applications.

Clean all applications of vulnerabilities before moving to TAM• Ensure all applications inside TAM are secure

Post-TAM application security monitoring• All applications inside TAM are regularly scanned to security issue to ensure ongoing

compliance with policy• TAM can help remediate vulnerabilities identified by AppScan as they attempt to bypass

access controls

3rd party orCustom App

AppScan ensures that applications TAMeb is granting access to are tested for vulnerabilities

Access Manager

Application Vulnerabilities

TAM provides centralized user access to applications & addresses key vulnerabilities tested by AppScan

Cross-site scripting &cross-site request forgery

22

Aarhus KommuneGovernment, HealthcareTivoli Access Manager for e-business

Value Drivers:Value Drivers:

• The key challenge was to involve elderly citizens actively in coordinated care and improve management of the chronic ailments of this growing demographic.

Solution:Solution:

• With assistance from IBM Global Business Services, Aarhus Kommune developed a blueprint for an integrated solution based on pervasive technology that could improve the quality of healthcare and homecare division care. Eight elderly patients volunteered to test the solution through a pilot program called "Eldertech," which involved providing each test subject with IBM Personal Care Connect devices and Lenovo ThinkPad X Series Tablet devices for home use over a four-month trial period.

Value Realisation:Value Realisation:

• The Eldertech pilot demonstrated the potential of a flexible healthcare ecosystem solution to support the empowerment of elderly citizens and the coordinated delivery of care, which is essential to enable preventive chronic care.

“The city of Aarhus collaborated closely with public researchers and private companies to explore and develop technology in pervasive computing. This project will help us meet the challenge of supporting our aging population by empowering our elderly citizens and improving their quality of life.”

23

Infrastructure Security ManagementComprehensive threat and vulnerability management across networks, servers and end-points

Web serverMail server

Hosted environment

Local area network

(LAN)

Perimeter

Security Information & Event ManagementSecurity Information & Event Management

Tivoli Opportunities

• Tivoli Security Information & Event Management

• Tivoli Compliance Insight Manager

• Tivoli Security Operations Manager

• Tivoli Security Compliance Mgr

Cross-Brand Opportunities

• ISS SiteProtector and partnerships for Data Leakage Protection


Our ValueOur Value

•Detect and manage network, host and endpoint threats and intrusions

• Centrally manage and monitor security operations

24

25

From Reactive Security to a Risk-aware Enterprise

Reactive

Compliant

Consolidated

Automation

Control

Visibility

Threat and Vulnerability Management

Managed Firewall and Anti-Virus

Identity and Access Management

Change and Configuration Management

Security Information and Event Management

Risk Aware

Security Risk Measurement

Strategy






People and Identity



26

IBM Security Leadership

Marketshare: Identity and Access Management

LeaderWave: Enterprise Security Information Management ( Consul InSight)

Marketshare: Web Access Management, Worldwide,

2005 ( FIM, TAM )

LeaderWave: User Account Provisioning ( TIM )

Managed Security Services (Marketshare)

Leader

MQ: Security Information & Event Management (TSOM, Consul InSight)

MQ: User Provisioning ( TIM )

LeaderWave: Enterprise Security Information Management ( Consul )

Leader

Marketshare: Web Access Management, Worldwide, Ranked #1

MQ: Web Access Management ( TAM )

LeaderWave: User Account Provisioning ( TIM )

Identity Management ( TIM , TAM, FIM, TDI, TDS)

Managed Security Services (Marketshare)

ChallengerConsul InSight)

MQ: User Provisioning ( TIM )

Ranked #1

ISS Network Security, Firewalls and Managed Services

Leader

#1

#1

#1

#1 Ranked #1

Ranked #1

27

Emerging Trend: Security Policy Management

•The days of “everybody has to choose the same access control engine” for cross-firm collaboration and integration are long gone

• How can we define security policy centrally based on standards (e.g. with WS-SecurityPolicy and XACML) and push it to the enforcement points?

• How can we effectively ensure compliance with access policy at the points of enforcement?

•Solution: Tivoli Security Policy Manager: Policy definition & provisioning, and policy audit

•Benefit: Effective deployment of security policy

28

Emerging Trend: Identity Protection

• How do we apply risk management as individuals, given identity is valuable, consequential, contextual and dynamic?

• How to give ourselves a say in how much risk we’re willing to have with respect to our identity data, which is potentially shared across so many ‘consumers’?

• Solution: user-controlled identity as a service

• Like Federated Single Sign-On (FSSO), but not really – user has ultimate control as personal identity broker

• e.g. CardSpace and Higgins (wire compatible with CardSpace but supports more protocol providers such as OpenID and HTML forms, etc.)

• Benefit: not only allows us to implement our own individual risk management preferences, but lowers risks for service providers because they don’t have to store as much detailed information about us, since iCard provides needed info each time (think PCI etc.)

29

Only vendor that delivers breadth of security and compliance capabilities to address infrastructure, applications, information, people and identities

Integrates with all types of business data (structured, semi-structured, and unstructured) for addressing information & data security needs and all major application types (web, legacy, and ESB for SOA) for securing business process

Open security platform and leadership in Web Services security, policy management and federated identity

Analyst attested leadership in markets for user and infrastructure security and compliance software and services.

Leadership in mainframe security with RACF, zOS security, identity & access and compliance enabling clients to leverage System z as the enterprise security hub

Security integration with key ITIL processes out of the box: Incident, Problem, Change, Release, SLA, Configuration, Availability.

IBM offers full breadth of end-to-end asset and service management solutions that operate on a common web services infrastructure.

Breadth and Depth of Breadth and Depth of SolutionSolution

Extensive IntegrationExtensive Integration

Open StandardsOpen Standards

Product LeadershipProduct Leadership

Best in class System z Best in class System z securitysecurity

A core element of A core element of IBM Service ManagementIBM Service Management

Breadth of Service Breadth of Service Management offeringManagement offering

Why IBM?

30

For More InformationSales & Marketing ToolsSales & Marketing Tools

• Campaign Designer - IBM Tivoli Asset & Security Protection campaign (Translated into 12 languages!)

Partner PlaybooksPartner Playbooks• IBM Tivoli Security and Compliance Management Partner Playbook• IBM Tivoli Security for SMB • Tivoli Security Operations Manager Partner Playbook • Tivoli Identity Manager Express Partner Playbook

Channel Sales PlaysChannel Sales Plays• Facilitate Security & Audit Regulation Adherence with PCI Compliance• Security for SMB • Security Compliance and Audit Management

31

Maximize Web Resources for Sales Success

Tivoli TrainingIBM offers technical training and education services to help you acquire, maintain and optimize your IT skills. For a complete Tivoli Course Catalog and Certification Exams visit www.ibm.com/tivoli/education

Tivoli SMB Customer SiteletIBM Tivoli now has a sitelet designed specifically for your SMB customers. Promote to your clients and view the latest SMB case studies, whitepapers, demos and offers. Visit www.ibm.com/tivoli/SMB

Tivoli Knowledge CenterIBM Tivoli Business Partner Portal. Get the latest information on Tivoli, Maximo and Netcool. Your source for playbooks, sales plays, training roadmaps, deployment guides, ect Visit www.ibm.com/tivoli/partners

32

THANK YOUTHANK YOU

33

Trademarks and disclaimers

33

References to IBM products, programs, or services do not imply that IBM intends to make these available in all countries in which IBM operates. Any reference to an IBM product, program, or service is not intended to state or imply that only IBM's product, program, or service may be used.

Any functionally equivalent product, program, or service that does not infringe on any of the intellectual property rights of IBM may be used instead. The evaluation and verification of operation in conjunction with other products, except those expressly designed by IBM, are the responsibility of the user.

The customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer.

Information concerning non-IBM products was obtained from a supplier of these products, published announcement material, or other publicly available sources and does not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance numbers are taken from publicly available information, including vendor announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other claims related to non-IBM products. Questions on the capability of non-IBM products should be addressed to the supplier of those products.

All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

Some information addresses anticipated future capabilities. Such information is not intended as a definitive statement of a commitment to specific levels of performance, function or delivery schedules with respect to any future products. Such commitments are only made in IBM product announcements. The information is presented here to communicate IBM's current investment and development activities as a good faith effort to help with our customers' future planning.

Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput or performance improvements equivalent to the ratios stated here.

Prices are suggested U.S. list prices and are subject to change without notice. Starting price may not include a hard drive, operating system or other features. Contact your IBM representative or Business Partner for the most current pricing in your geography.

The following terms are registered trademarks or trademarks of IBM Corporation in the United States or other countries or both:

IBM, the IBM logo, ibm.com, Tivoli® , Tivoli (logo)®, Tivoli® Business Partner (logo) and Netcool®, Netcool®/OMNIbus, TotalStorage® , System z, are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. These and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), indicating US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A complete and current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml

Documents

THE PREMIER SERVICE MANAGEMENT EVENT May 18 - 22, 2008 | Orlando, Florida Business Partner Summit Maximize Your Sales with Business Security Solutions