Search results

Cloud computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. Cloud resources can be rapidly deployed and easily scaled, with all processes, applications, and services provisioned "on demand", regardless of user location or device. As a result, cloud computing gives organizations the opportunity to increase their service delivery efficiencies, streamline IT management, and better align IT services with dynamic business requirements. In many ways, cloud computing offers the "best of both worlds", providing solid support for core business functions along with the capacity to develop new and innovative services. In addition to the usual challenges of developing secure IT systems, cloud computing presents an added level of risk, because essential services are often outsourced to a third party. The "externalized" aspect of outsourcing makes it harder to maintain data integrity and privacy, support data and service availability, and demonstrate compliance. The security measures discussed in this IBM Redpapers™ publication represent best practice implementations for cloud security.

In today's dynamic business environments, an organization develops relationships with its customers, contractors, and business partners at a faster pace than ever before. One of the major concerns across all types of organizations is the need to remove access to IT assets as quickly as possible when a relationship with an employee, contractor, or business is ended, especially if the relationship ends on less then congenial terms. In this IBM Redguide™ publication, we discuss processes and procedures for offboarding individuals to help ensure that the access and entitlements are removed in a timely fashion to mitigate risks of data theft and other malicious activity. We also talk about the business risks that drive the need for offboarding processes and the required measurements to prove that the risks are being mitigated. We present several control processes that need to be in place to mitigate the offboarding risks by using the IBM Security Blueprint. These processes are designed for companies who typically divide up offboarding responsibilities between HR, the IT organization, and IT system owners. Since different organizations may accept varying risk levels in regards to offboarding and they may want to investment differently for offboarding control processes, we introduce a maturity model that is designed to accommodate these differences. Finally, we sketch out some of the different products and services that can be applied to each of the maturity levels. This guide is a valuable resource for business an

This document provides information on tuning middleware for IBM Tivoli Identity Manager 4.6. It includes tunings for WebSphere, database servers (IBM DB2, Oracle, and MS SQL), directory servers (IBM Tivoli Directory Server and Sun ONE Directory), IBM Tivoli Directory Integrator, the ITIM application, and ITIM adapters. This edition includes a troubleshooting, best practices, and regular maintenance sections as well. This is a working document and will be updated as more information becomes available.

This document provides information on tuning middleware for IBM Tivoli Identity Manager 5.0 and 5.1. It includes tunings for WebSphere, database servers (IBM DB2, Oracle, and MS SQL), directory servers (IBM Tivoli Directory Server and Sun ONE Directory Server), IBM Tivoli Directory Integrator, the ITIM application, and ITIM adapters. This edition includes a troubleshooting, best practices, and regular maintenance sections as well. This is a working document and will be updated as more information becomes av

In this IBM® Redguide™ publication, we first explore some of the concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. We then identify a number of business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations. We describe how security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. In the past decades, industry groups and standards bodies have developed frameworks that serve as a baseline for some aspects of security. We discuss two common frameworks: CoBiT and ISO27002. Security for information technology can be complex and confounding. Therefore, IBM has created a pair of complementary views to bridge the communication gap between the business and the technical perspectives of security to enable convergence in thought and process. The IBM Security Framework addresses the business view, and the IBM Security Blueprint addresses the technical view. The IBM Security Framework was developed to describe security in terms of the business resources that need to be protected, and looks at the different resource domains from a business point of view. It divides IT security into the following six resource domains: - People and Identity - Data and Information - Application and Process - Network, Server, and Endpoint - Physical Infrastructure - Security Governance, Risk Management, and Comp

You can use IBM® Tivoli® Security products to build open, flexible, and scalable solutions to address business requirements in the areas of: -- Identity and access management -- Security information and event management One of the many strengths of the IBM Tivoli Security offerings is that they are designed and implemented as cross-platform solutions. This design enables broad adoption of the solutions across the range of disparate platforms typically found in an enterprise. IBM Tivoli Security solutions are, therefore, an excellent choice as organizations move further towards service-oriented architecture (SOA) and the security integration challenges present in SOA. In many enterprises, software solutions from Microsoft® are important components of the IT strategy. In this IBM Redpaper publication, we consider the use of IBM Tivoli Security solutions in Microsoft environments from a number of perspectives. In this paper, we discuss: Architectures and standards that are common to IBM Tivoli Security and Microsoft software. IBM Tivoli Security solutions running on Microsoft operating systems utilizing Microsoft middleware. How to secure a Microsoft software environment with IBM Tivoli Security solutions. IBM Tivoli Security solutions providing improved security and security management for Microsoft operating systems, middleware, and applications through integration.

Customers implement an integrated Identity and Access Management (IAM) solution to address many business requirements. The overall driving requirement is to provide a combination of business processes and technologies to manage and secure access to the information and resources within the organization. Towards addressing this overall goal, the IAM solution first needs to provide a method of granting users access to applications and systems across the enterprise that they need to perform their jobs. Second, it needs the capability to authorize proper access levels to resources based on business policies. Third, for Web-accessed resources, the solution needs to provide a means of authenticating people and only require a single sign-on (SSO) to access resources to which they have been granted access. Finally, there needs to be an audit trail to ensure proper operation of the IAM system. In this Redpaper, we describe several common business use cases for an integrated IAM solution. We then describe how the IBM Tivoli Identity Manager and IBM Tivoli Access Manager products integrate in a typical deployment to address these business use cases.

This document provides best practices on using the IBM Tivoli Identity Manager API with a focus on scale and performance.

This IBM Redpaper is a summary of the coverage of our products (Tivoli Security products) on the mainframe, or System z, both in what runs on System z and what management/security of System z resources we can provide. This paper introduces some of the platforms (and their terminology) for the mainframe, or System z. It then looks at the Tivoli Access and Identity Management as well as risk and compliance solutions and their System z footprint. The paper is broken up into the following parts: - What is all this z? - Directory and data integration on z - Identity and access management products - Risk and compliance products - Conclusion This paper assumes that you are familiar with the Tivoli Security suite but not familiar with the mainframe and the security offerings there. The update from January 28, 2008 fixes a broken Web link.

There is a standard integration provided between IBM Tivoli Identity Manager and IBM Tivoli Access Manager for Enterprise Single Sign-on by provisioning credentials through the IBM Tivoli Access Manager for Enterprise Single Sign-on Provisioning Adapter. A number of Tivoli Access Manager for Enterprise Single Sign-on product manuals cover the installation and configuration of the various components. However, there is no overview of all of the components in the integration and how they interact. This IBM Redpaper looks at the integration from end-to-end and details the components and their interaction.