ibm security systems solutions for banking
TRANSCRIPT
-
EL ASKRI Med EnisSoftware Sales Leader
IBM West Africa & Senegal [email protected]
1
IBM Security Systems Solutions for banking Industry
Hammamet, le 23 Avril 2013
-
2012 IBM Corporation
Service Management for a Smarter Planet
2222
Agenda
Addressing banking industry imperatives through:
Visibility Control Automation
Challenges facing decision makers in the banking industry today
Potential benefits from addressing these challenges
IBM Security Solutions for banking Industry
-
2012 IBM Corporation
Service Management for a Smarter Planet
33
Realities of an integrated world three interwoven issues
Across many industries there is a need to implement bold strategies that provide visibility of how systems are operating, control of IT and fixed asset management and automation of both physical and cloud infrastructures in order to meet the
demands of clients worldwide.
All industries remain focused on controlling
cost while increasing the utilization of everything
Strengthening the supporting infrastructures
to enable industry strategies is required
Business environments in every industry need to adapt and thrive in the
face of change
-
2012 IBM Corporation
Service Management for a Smarter Planet
44
Market forces driving the transformation of the banking industry
Capital inadequacy depressing profit margins
Emboldened customers expect rapidly evolving new services and offerings
Fierce competition for customers spawns industry consolidation, entrance of non traditional firms
Changing business model shifts from product-centric to customer-centric
Enhanced regulation increases government oversight and intervention
Increasing social and government pressurefor financial inclusion
-
2012 IBM Corporation
Service Management for a Smarter Planet
555
VisibilityVisibility ControlControl AutomationAutomation
Real time access to business analytics
tailored to meet the needs of your bank.
Efficient management of cost and optimization of banking processes and
assets.
Streamline banking processes and automate banking infrastructures.
Meeting the service management needs of banking clients worldwide
IBM can help you gather, synthesize, and improve information to help improve the way your bank operates turning mountains of data into real time decisions.
-
2012 IBM Corporation
Service Management for a Smarter Planet
66
Operational IT Risk
RegulatoryAudit
ITTransformation
Payment System Monitoring
Visibility Control Automation project areas for banking
Create a customer-focused enterprise
Increase flexibilityand streamline
operations
Drive innovation while managing
costs
Optimize enterprise risk and
compliance
-
2012 IBM Corporation
Service Management for a Smarter Planet
77
SMART ISIncreasing efficiency and automating audit processes
Banco Mercantil do Brasil, Brazil:The bank reduced the time and cost of managing user access across the entire account lifecycle - 80% reduction in provisioning time , 35% reduction in password-related help desk calls, 7 to 1 reduction in number of managed passwords for each user
SMART ISGaining complete compliance with regulations while reducing costs and processes
A US Financial bank, US:While complying with numerous regulatory requirements, the IBM solution the bank implemented also saved $60,000 per application by centralizing its security policy, in part by reducing the number of help-desk calls by 61%
IBM customer examples of successful regulatory audit processes
-
8IBM Security Framework
-
9Comprehensive Security Solutions
-
10
End to end, IBM has a strong security competitive posture10
HPEDS
CA Symantec McAfee EMC Oracle(Sun)
Cisco Verizon
People and Identity
Data and Information
Application and Process
Network, Server and End Point
Physical Infrastructure
Updated January 2011
-
11
How Does the Framework Map to Our Products? IBM Tivoli Identity and Access
Assurance (TIAA) solution bundleo IBM Tivoli Identity Manager (TIM)o IBM Tivoli Access Manager for
Enterprise Single Sign-On (TAM E-SSO)o IBM Tivoli Federated Identity Manager
(TFIM)o IBM Tivoli Access Manager for e-
business (TAMeb)o IBM Tivoli Security Information and
Event Manager (TSIEM) IBM Tivoli Security Policy Manager IBM Tivoli Key Lifecycle Manager
IBM Security Network Intrusion Prevention (GX series)
IBM Security Server Protection
IBM Virtual Server Protection for VMware
IBM Security SiteProtector System
IBM Tivoli Endpoint Manager for Security and Compliance, built on BigFix technology
IBM Security zSecure suite
Q1 Labs QRadar SolutionsIBM Tivoli Security Information and Event Manager (TSIEM)
-
12
IBM Tivoli Identity and Access Assurance (TIAA) beat out Microsoft, Novell, CA and others to win SC Magazine's 2011 award for the Best Identity Management Application (article found here http://www.scmagazineus.com/best-identity-management-application/article/196008/)
In addition, SC Magazine named IBM Tivoli Access Manager for Enterprise Single Sign-On a finalist for the Best Multi-Factor award (LINK) and IBM Security Network IPS a finalist for the Best Web Application Firewall award (LINK).
-
13
Tivoli Identity Manager
Identitychange
(add/del/mod)
HR Systems/ Identity Stores
Approvals gathered
Accounts updated
Accounts on 70+ different types of systems managed. Plus, In-House Systems &
portals
Accounts on 70+ different types of systems managed. Plus, In-House Systems &
portals
Databases
OperatingSystems
DatabasesDatabases
OperatingSystemsOperatingSystems
ApplicationsApplications
Networks &Physical Access
Access policy
evaluated Cost
Complexity
Reduce Costs Self-service
password reset Automated user
provisioning
Manage Complexity
Consistent security policy
Quickly integrate new users & apps
Detect and correct local privilege settings
Compliance
Address Compliance
Closed-loop provisioning
Access rights audit & reports
Automate user privileges lifecycle across entire IT infrastructure
Match your workflow processes
Tivoli Identity ManagerAutomates, audits, and remediates user access rights across your IT infrastructure
Know the people behind the accounts and why they have the access they do
Fix non-compliant accounts
-
14
TAM E-SSO Solution Overview TAM E-SSO provides: Enterprise single sign-on Two-factor authentication Automation to get users to
productive point in their apps Multi-user machines (e.g.
kiosks) fast user switching Identity management via TAM
E-SSO or TIM Audit/reporting via TAM E-SSO
or TSIEM with no change to the target applications
-
15
Web Single Sign-On
-
16
Web single Sign-onStrong authentication
Security/protectionHigh AvailabilityScalability
Compliance -- know and show whos accessing what
#1 requirement addressed by TAMeb
Web SSO and More with IBM Tivoli Access Mgr. for e-business (TAMeb)
-
17
Complete SSO Coverage
Web ServersWeb ApplicationsPortals, e.g. WP
Web SSO Targets
Web SSOInternet
Extranet
FederatedSSO
Federated Targets
SOAMulti-Domain
Intranet/Kiosk
Enterprise SSO
Enterprise Targets
WindowsWeb
MainframeJava
-
18
We are recognized by the analysts IBM Tivoli Identity and Access Assurance (TIAA) beat out
Microsoft, Novell, CA and others to win SC Magazine's 2011 award for the Best Identity Management Application (LINK)
IBM named Best Security Company, winning the award for 2010s #1 security company for 2010 by SC Magazine LINK
Gartner Magic Quadrant for Web Access Management IBM is ranked in the leaders quadrant LINK
Gartner MarketScope for Enterprise Single Sign-On IBM is ranked as Strong Positive LINK
Gartner Magic Quadrant for SIEM Q1 Labs is ranked in the leaders quadrant - LINK
IDC Worldwide Identity and Access Management 2009-2013 Forecast Update and 2008 Vendor Shares IDC ranks IBM as the overall worldwide identity and access management security software revenue leader for the third straight year LINK
-
19
-
20
Network Threat Management Business Scenario A manufacturing company has a
large global footprint, with 6 data centers.
They want to have thorough knowledge of what traffic is running on their network, and make sure it is authorized and free from malicious content
They know many application vulnerabilities do not have current patches and are looking for a solution to address this
They want a high performance solution that scales to meet their throughput needs
How does IBM address this scenario? IBM Security Network Intrusion
Prevention (NIPS) appliances provide deep inspection of all network traffic.
With intelligence provided by IBM X-Force, these appliances can automatically update themselves, staying Ahead of the Threat.
With IBM Security NIPS appliances protecting the companys websites, they will enjoy the best protection in the industry.
These appliances provide true situational awareness of what is on the network, and with SiteProtector, prioritization of remediation is easily achievable.
The IBM Security Virtual Patch will protect their infrastructure, even if no patch is ever available to fix vendors vulnerabilities.
-
21
IBM Intrusion PreventionThe Lineup21
Network ProtectionIBM Security Network IPSIBM Security Network IPS Virtual Appliance
Virtual Infrastructure ProtectionIBM Security Virtual Server Protection for VMwareIBM Security Network IPS Virtual Appliance
Server ProtectionIBM Security Server Protection & Server Sensor
Security ManagementManaged Security ServicesIBM Security SiteProtector
Transparent, in-line network
appliances (and virtual appliance
versions) block attacks while allowing
legitimate traffic to flow unhindered
Preemptive intrusion prevention
Track user/admin behavior
File integrity monitoring
Host level controls for
compliance
Command and control
Event analysis
Reporting
VMsafe (Security) API integration
Intrusion Prevention & firewall
Rootkit detection/prevention
Inter-VM traffic analysis
And more
-
22
-
23
Customer Value Delivered by Tivoli Endpoint Manager for Security and Compliance, built on BigFix technology
Automated, effective, rapid patch deployment Single agent addresses Microsoft, UNIX, Linux, Mac and 3rd-
party application patches (Adobe, Mozilla, Java, ) Automated or manual network bandwidth throttling based on
network traffic . . . CPU impact
-
24
Tivoli Endpoint Manager for Security and ComplianceCompetitive Positioning
Microsoft SCCM
Symantec Altiris
LANDeskTEM-SCIBM
Asset discovery
Continuous endpoint monitoring
Patch management, incl. 3rd party applications
Security configuration management
Single agent for security, SW distribution, power,
Cross-AV-vendor management
Performance: Manage up to 250K endpoints w/1 svr.
Built on BigFi
x
technology
Endpoint OSs supported Win, Mac, UNIX, Linux, VMwareWindows
Partners for others
Client: Win, Mac, Linux, no UNIX
Server: Win, Linux, UNIX, VMware
Win, Mac, Linux, UNIX (minus AIX)
-
25
Recently Announced/Delivered: TEM for Core ProtectionWhat is it?
Trend Micros cloud-based, endpoint anti-malware & firewall technology, tightly integrated
with TEM (no Trend Console or Servers)
Sales compensation handled same as other TEM: 100% CRev and FRev credit for IBM sales
Previously sold to customers as the BigFix Core Protection Module
Sold as a stand-alone TEM product, similar to TEM for Power Management
IBM delivers L1 and L2 support; Trend handles error correction
Sales ApproachQ: Do I get paid on sales of TEM for Core Protection?A: Yes. IBM sales of TEM for Core Protection qualify as 100% CRev and FRev.Q: Do Trend reps get paid when IBM sells into their accounts?A: Yes. Trend reps get paid on the net royalty revenue paid to Trend.Q: Do IBM reps get paid when Trend sells into our accounts?A: Yes. See the TEM for Core Protection Sales FAQ in the TEM Sales Kit for details.Q: Should I collaborate with Trend account teams in my TEM-CP opportunities?A: Its up to you. Trend reps do receive compensation for IBM sales into their accounts, so
there is incentive for them to support you. Both companies can compete directly in accounts there are no restrictions in this regard.
-
26
TEM-CP . . . Customers love it!
Poor AV signature compliance.
Many systems with systematic AV engine failures.
Performance issues on systems older than three years.
Replaced existing McAfee/EPO system on 4,300 endpoints in 2 weeks with no issues.
A/V signature compliance went from 60% to 95%+ since the migration to CPM.
Older systems ran like new once TEM-CP was installed.
No centrally managed AV solution for Macs No cross-platform AV solution Need to manage/report on machines outside the internal network
No additional hardware
Centralized AV management for Macs
Web reputation in Mac environment
Easy installation; only had to package uninstall of existing AV solution
-
27
SIEMRisk ManagementLog ManagementNetwork behavior analyticsSecurity event managementUser behavior analyticsCompliance reporting
-
28
Solving Customer Challenges with Total Security Intelligence
Discovered 500 hosts with Here You Have virus, which all other security products missed
DETECTING THREATS OTHERS MISS
2 Billion log events per day reduced to 25 high priority offenses
CONSOLIDATING DATA SILOS
Caught an employee sending out internal designs
DETECTING INSIDER FRAUD
Automate the policy monitoring and evaluation process for configuration changes in the infrastructure
PREDICTING RISKS AGAINST YOUR BUSINESS
Real-time monitoring of all network activity, in addition to PCI mandates
ADDRESSINGREGULATION MANDATES
-
29
Solutions for the Full Compliance and Security Intelligence Timeline
-
30
Fully Integrated Security Intelligence
Turnkey log management SME to Enterprise Upgradeable to enterprise SIEM
Integrated log, threat, risk & compliance mgmt. Sophisticated event analytics Asset profiling and flow analytics Offense management and workflow
Predictive threat modeling & simulation Scalable configuration monitoring and audit Advanced threat visualization and impact analysis
Network analytics Behavior and anomaly detection Fully integrated with SIEM
Layer 7 application monitoring Content capture Physical and virtual environments
SIEM
Log Management
Risk Management
Network Activity & Anomaly Detection
Network and Application
Visibility
-
31
Broadest, most complete log and audit trail capture capability
Enterprise audit logManagement full life cycle
W7 log normalization & unique ability to monitor user behavior
Compliance management modules & regulation-specific
reports
TSIEM Addresses Customers Audit Log Management and Reporting Needs
-
32
Tivoli Security Information and Event Manager provides a single,integrated product that delivers insider threat, audit and compliance
Assessing compliance: Tivoli Security Information and Event Manager 2.0Manage logs and monitor privileged users for insider threat
and compliance initiatives
Single, integrated product Log Management Reporting Unique ability to monitor user behavior Enterprise compliance dashboard Compliance management modules and
regulation-specific reports Broadest, most complete log and audit trail
capture capability W7 log normalization translates your logs into
business terms Easy ability to compare behavior to regulatory
and company policies
Highlights
-
33
Audit log management & reporting multiple levels
Applications (Rational AppScan)
Virtualized Resources (VSP)
Network (Network IPS) Hosts (Host IPS)
Tivoli Identity Manager TAMeb Tivoli Federated ID Mgr. Tivoli Security Policy Mgr. Tivoli Security Operations
Manager
Mainframe Data and
Applications NW Ops Ctr.
devices System Ops
Ctr. devices
DB2 (Host/Distributed) DB2/z Sybase Oracle Database Teradata SQL Server
Manager of Managers Level: Netcool Omnibus, Tivoli Service Request Mgr., TEC,
Business Automation dashboards.
TSIEM: Tivolis Enterprise security audit management and reporting system
Long-term storage/ archiving
TSIEM
Guardium SiteProtector IAM Others
e.g. IBM Information
Archive
Archive
-
34
Addressing Customers Virtualization Security Needs TodayAddressing Customers Virtualization Security Needs Today
Cloud Ready, Cloud Capable Security Solutions
-
35
Take advantage of IBMs unique security expertise and approach
21 billion events monitored per day
4,000+ managed services customers
10 security development labs 9 security operations centers 6,000+ technical experts 20+ leadership recognitions 2010 Security Company of
the Year
SECURITY APPROACHUNIQUE EXPERTISE ABILITY TO DELIVER
-
36
-
37