IBM Wins Award for Best Security Company

On Tuesday March 2, IBM Corporation was named Best Security Company for 2010 by SC Magazine in recognition of IBM’s outstanding achievement in risk management and its comprehensive family of security solutions.

This is particularly impressive given that SC Magazine is the single most influential periodical for security professionals today. Published since 1989, the magazine is the longest-running, best-established monthly publication in the IT security space -- and the one with the largest readership.

And as the industry’s preeminent awards program, the annual SC Awards (link resides outside of ibm.com) has recognized security’s key contributors and outstanding products for more than a decade.

How did IBM beat out the competition? IBM Security Solutions comprise the broadest and deepest portfolio of end-to-end offerings addressing compliance, applications, data, identity and access management, networks, threat prevention, systems security, email, encryption, virtualization and cloud security.

Consider these statistics:

• 7,000,000,000+ security events are managed by IBM solutions every day
• 48,000+ vulnerabilities tracked in the IBM X-Force® research
• 15,000 IBM researchers, developers and subject matter experts on security initiatives
• 4,000+ IBM customers managed in security operations centers around the world
• 3,000+ IBM security and risk management patents
• 40+ years of proven success with security and virtualization on IBM System

Furthermore, the IBM solution portfolio is broader and deeper than any competitive suite. And organizations of any size, in any business sector, will find that IBM security offerings can help them get a better business outcome both today and tomorrow.

Identity and Access Assurance

Consider, for instance, how fundamentally important to IT services it is to ensure that only the right people get access to services and data. Keeping track of the complete range of users, groups, and their associated access rights and privileges is an area where no organization should compromise.

IBM Tivoli Identity and Access Assurance offers a complete package of modular identity management tools that can simplify and enhance overall management through both a central point of command and intelligent policies that can be applied over the complete user identity lifecycle. This package also delivers an exceptionally swift and consistent response via automation in areas such as monitoring, problem investigation, and user activity reporting (should activity be found to conflict with policies). And should high-end or unusual forms of authentication be required for a business purpose, such as smart cards or tokens, the package can integrate seamlessly with them.

Tivoli Identity and Access Assurance also delivers a superior experience for end users, not just IT. Thanks to single sign-on features, which apply to applications inside, outside, and between organizations, users need only sign on once to any given application, despite the fact that the application may in fact span multiple systems and identity pools. And that implies a second benefit: it eliminates the need for users to keep manual lists of accounts/passwords that could easily compromise organizational security, should they be lost.

Intrusion Detection/Prevention

How can security administrators know when intruders have breached their security -- or proactively prevent that from happening in the first place? Two key offerings from IBM are designed to accomplish exactly that.

The first is an intrusion detection appliance, the IBM Proventia IPS GX116, which serves as an intrusion detection core capable of continually evaluating network packets and looking for signs that a breach has occurred. Thanks to its easy setup and management, extraordinarily high processing rate, and intelligent analytics, this appliance helps deliver peace of mind to today's harried security administrators.

Ideally coupled with it is the IBM Proventia Network Security Controller, which extends IBM's best-of-breed intrusion prevention technology to super-fast networks and high-end network services with IP traffic as high as 10 GBits/sec., by integrating with the IPS GX116 and other appliances and performing deep-packet inspection.

Managed Security Services

Organizations in an unpredictable economy will often want to focus on proven, revenue-generating core competencies. That, of course, implies they may need to out-task the hassles of IT security to a proven provider.

IBM ISS Managed Security Services represent a great way to do just that. Thanks to SLA-ensured performance, and an impressive money-back guarantee, IBM clients can rely on IBM for 24/7/365 security monitoring and management -- thus not just securing their data, applications, systems, and services, but more easily achieving compliance with government regulations and substantially reducing overall cost of ownership.

Information/Event Management

How secure, really, is the total security architecture?

IBM Tivoli Security Information and Event Manager can help organizations answer that question in both a holistic sense and in as much detail as may be needed. This tool’s centralized log management and analysis, drawn from IT assets ranging from firewalls to databases to operating systems, helps determine the overall security posture.

Furthermore, the results can be reported in a variety of ways, including a real-time dashboard (to reflect performance against business and IT targets) as well as a wide array of customizable reports (particularly helpful in the event of a government audit).

And because of the solution's lightweight design, which generates no significant impact on business services, it can transparently reflect the user activity of even privileged insiders -- effectively mitigating this growing form of business risk.

Software Development

Any organization that develops software in-house needs to verify that its application security is a primary consideration baked into all of its source code -- right from the start.

Directly on point here is IBM Rational Software for Ounce 6, a result of IBM's acquisition of software-analysis vendor Ounce Labs in 2009. This tool can scan source code in languages such as Java, C, and C++, looking for likely vulnerabilities. Then, via its generated reports, it gives software developers the information they need to proactively secure their applications from as many threats as possible.

• Press Release
• SC Magazine: Best Security Company
• IBM Security Solutions
• Tivoli Identity and Access Assurance
• Proventia Network Security Controller
• IBM ISS Managed Security Services
• Tivoli Security Identity and Event Manager
• IBM Rational Software

Recent Articles

• IBM Delivers Unified, Enhanced Data Recovery Management

  Mar 09

• Integrated Service Management: The Operating System for a Smarter Planet

  Mar 02

• Track and Eliminate Internal Threats with IBM Tivoli

  Feb 23

• Get a Spectacular ROI from Pulse 2010

  Feb 16

• Pulse Industry Solution Demos: See Problem, Solve Problem

  Feb 09

• IBM Updates Key Maximo Offerings

  Feb 02

• Tivoli Live Monitoring Services: Customized Monitoring as an Online Service

  Jan 26

• IBM Tivoli Security Solutions Generate Higher ROI from IT

  Jan 19

• Pulse 2010: A Service Management Smorgasbord

  Jan 12

• Pulse 2010: Drive Business Value via Cross-Domain Integration

  Dec 22

• Browse full Tivoli Beat archive

Leverage and contribute to the collective wisdom around Tivoli

Engage the community