Paris, France - 18 oct. 2012: Pour réduire les principaux freins de sécurité auxquels les organisations sont confrontées pour mettre en œuvre les initiatives Cloud, Mobile ou Big Data, IBM annonce aujourd’hui un large ensemble de logiciels visant à sécuriser intégralement les données et les identités.

 

Avec les nouvelles offres logicielles d’IBM, les clients conservent un meilleur contrôle sur la sécurité des appareils mobiles, atténuent les menaces internes et externes, réduisent les risques liés à la sécurité dans les environnements Cloud, accroissent la sécurité des bases de données afin d’obtenir des informations en temps réel dans les environnements de Big Data tels que Hadoop et automatisent la conformité et la gestion de la sécurité des données. En complément des services sécurité d’IBM et de ses capacités de recherche de renommée mondiale, cet ensemble d’offres évolutives soutient une approche globale et proactive pour lutter contre les menaces couvrant les personnes, les données, les applications et les infrastructures.

 

Aujourd’hui, IBM fait l’annonce la plus importante depuis le lancement de la nouvelle division IBM Security Systems, qui a eu lieu cette année, en dévoilant dix nouveaux produits et  améliorations pour aider les entreprises à se protéger en temps réel dans les domaines du Big Data, de la mobilité, mais également du Cloud Computing.

 

Une protection en temps réel pour les environnements Big Data

 

L’annonce d’aujourd’hui positionne IBM parmi les premiers à offrir des solutions de sécurité intelligente approfondies, à la fois pour Hadoop et tout autre environnement Big Data. InfoSphere Guardium fournit désormais une surveillance en temps réel ainsi qu’un rapport de conformité automatique pour les systèmes basés sur Hadoop, comme par exemple InfoSphere Biglnsights et Cloudera. Avec des contrôles réalisés à travers diverses sources de données, les clients peuvent comprendre les modèles d’accès aux données et aux applications, et ainsi empêcher les fuites de données et renforcer le contrôle des flux. L’audit intégré peut être utilisé dans le but de générer des rapports de conformité sur une base programmable et les distribuer aux équipes de supervision, les soumettre à examen avant de les transmettre à la direction et documenter les résultats des mesures correctives. Les entreprises peuvent également automatiser la détection des vulnérabilités et suggérer, par ordre de priorité, les actions correctives dans les différentes infrastructures. Au-delà, IBM propose un système de protection des données permettant de masquer les données critiques lorsqu’elles sont transférées d’un système Big Data à un autre.

 

 

Un framework de sécurité mobile qui améliore la gestion des accès et la protection face aux menaces

 

Avec le lancement de ses nouveaux outils de gestion des accès, IBM offre désormais une meilleure prise en compte de l’environnement, permettant un contrôle plus adapté des accès via les terminaux mobiles. Ces outils offrent aussi une meilleure protection face aux menaces sur les terminaux mobiles et un contrôle renforcé de ces derniers. Avec un large portefeuille de solutions pour la sécurité et la gestion des mobiles – notamment les solutions pour sécuriser les applications mobiles, ainsi que ses outils de sécurité intelligente, IBM aide ses clients à se protéger des failles de sécurité, qu’elles soient malveillantes ou dues à de la négligence (comportement à risque d’un employé qui accède à des données ou des applications) - à tout moment et de n’importe quel terminal.

 

IBM fait de la sécurité du Cloud un facilitateur, non plus un inhibiteur

 

Avec la nouvelle solution SmartCloud for Patch Management d’IBM, les patches sont désormais gérés automatiquement indépendamment du lieu et les cycles de mise en œuvre des correctifs passent de plusieurs semaines à seulement quelques heures, réduisant ainsi les risques liés à la sécurité. De plus, IBM annonce des améliorations de sa plateforme QRadar Security Intelligence (7.1), qui fournit une architecture coordonnée pour collecter, stocker, analyser et comprendre en profondeur les menaces et les vulnérabilités grâce aux données relatives à la sécurité réparties dans le système d’information, le Cloud permet d’obtenir une vision d’ensemble de l’activité de l’entreprise et donc de prendre les décisions métier en toute connaissance de causes.

 

****

 

 

IBM Addresses Security Challenges of Big Data, Mobile and Cloud Computing

 

 

Largest set of security software capabilities announced to date

 

 

ARMONK, N.Y., October 18 2012: In a move designed to reduce the biggest security inhibitors that organizations face in implementing cloud, mobile and big data initiatives, IBM (NYSE: IBM) today announced a broad set of security software to help holistically secure data and identities.

 

IBM’s new software capabilities help clients better maintain security control over mobile devices, mitigate internal and external threats, reduce security risks in cloud environments, expand database security to gain real-time insights into big data environments such as Hadoop, and automate compliance and data security management. Along with IBM Security Services and IBM’s world-class research capabilities, this set of scalable capabilities supports a holistic, proactive approach to security threats spanning people, data, applications and infrastructure.

 

“A major shift is taking place in how organizations protect data,” said Brendan Hannigan, General Manager, IBM Security Systems. “Today, data resides everywhere—mobile devices, in the cloud, on social media platforms. This is creating massive amounts of data, forcing organizations to move beyond a traditional siloed perimeter to a multi-perimeter approach in which security intelligence is applied closer to the target.”

 

According to the 2012 IBM Global Reputational Risk and IT Survey, global senior executives identified IT risks -- ranging from data thieves to the use of emerging technologies including cloud, mobile and social media -- as a major cause of concern.

 

Today, in the biggest announcement since the launch of IBM’s new Security Systems division earlier this year, IBM is unveiling ten new products and enhancements to help organizations deliver real time security for big data, mobile and cloud computing.

 

Real Time Security for Big Data Environments

 

As information grows in volume, variety, and velocity, organizations are looking beyond relational data sources to find insights, to make businesses more agile and to answer questions that were previously considered beyond their reach. Today, state of the art technologies including Hadoop based environments have opened the door to a world of possibilities.  At the same time, as organizations ingest more data, they face significant risks across a complex threat landscape and they are subject to a growing number of compliance regulations. Traditional approaches to data protection are often unable to meet these requirements.

 

With today’s announcement, IBM is among the first to offer data security solutions for Hadoop and other big data environments. Specifically, Guardium now provides real time monitoring and automated compliance reporting for Hadoop based systems such as InfoSphere BigInsights and Cloudera. With federated controls across data sources, clients can understand data and application access patterns, help prevent data leakage and enforce data change controls.  Built-in audit reporting can be used to generate compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation, and document the results of remediation activities. Organizations can also automate the detection of vulnerabilities and suggest prioritized remedial actions across heterogeneous infrastructures. In addition, IBM offers data masking to de-identify sensitive data as it moves into and out of big data systems.

 

In addition to securing data in multi-perimeter environments IBM is announcing improvements to data encryption management that allows organizations to automate key recovery and support the latest version of the Key Management Interoperability Protocol (KMIP) standard.  To learn more about the data security portfolio visit http://www.ibm.com/security/data/products.html

 

Highlighted data security solutions:

·       NEW: IBM InfoSphere Guardium for Hadoop

·       ENHANCED: IBM InfoSphere Optim Data Privacy

·       ENHANCED: IBM Security Key Lifecycle Manager

 

 

Mobile Security Framework Improves Access and Threat Protection

 

Today IBM is announcing risk-based authentication control for mobile users, integration of access management into mobile application development and deployment as well as enhanced mobile device control.  IBM is also announcing a comprehensive Mobile Security Framework to help organizations develop an adaptable security posture to protect data on the device, at the access gateway and on the applications.

With the launch of its new access management capabilities, IBM now offers greater context aware access control for mobile users, improved mobile threat protection, and enhanced mobile device control.  With a broad portfolio of solutions for mobile security and management – including solutions for mobile application security and mobile security intelligence, IBM can help protect against security breaches, whether malicious or unintentional through risky employee access of data and applications - anytime, anywhere from any device.  

 

Furthermore, with the simplicity of these mobile devices making them pervasive and seamlessly integrated into consumers’ everyday lives, new threats are evolving based on popular mobile-based activities such as retail purchases, managing bank accounts and updating social networks.  The ubiquitous nature of mobility across both businesses and consumers requires that securing the smartphone encompass the device, the network and the applications on the device so that employees, consumers and even partners know their transactions are being executed across a secure environment.

To learn more about specific mobile security product attributes, please visit http://www.ibm.com/security/mobile/products.html

 

Highlighted mobile security solutions:

·       NEW: IBM Security Access Manager for Cloud and Mobile

·       ENHANCED: IBM Endpoint Manager for Mobile Devices

 

 

IBM Transforms Cloud Security from an Inhibitor to an Enabler

 

While the cloud can increase productivity with anywhere, anytime information access, it can also introduce additional challenges for enterprise security. To realize the value that cloud computing presents, organizations are looking for integrated security solutions to help address the risks.

 

IBM today is announcing security portfolio enhancements designed to address these new challenges, providing improved visibility and increased levels of automation and patch management to help demonstrate compliance, prevent unauthorized access and defend against the latest threats using advanced security intelligence.

 

With IBM’s new SmartCloud™for Patch Management solution, patches are managed automatically regardless of location and remediation cycles are reduced from weeks to hours thereby reducing security risks.  Additionally, IBM is announcing enhancements to its QRadar Security Intelligence Platform that provides a unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and security related data from distributed locations, using the cloud to obtain greater insight into enterprise-wide activity and enable better-informed business decisions.

 

The new IBM Security Privileged Identity Manager is designed to proactively address the growing insider threat concerns and help demonstrate compliance across the organization. IBM Security Access Manager for Cloud and Mobile which provides enhanced federated single sign-on to cloud applications is now available with improved out-of-the-box integration with commonly adopted SaaS applications and services. To learn more about specific cloud security product attributes, please visit http://www.ibm.com/security/cloud/products.html

 

Working with IBM and SecurIT, a ‘Ready for IBM Security Intelligence’ Business Partner, the Flemish government built a cloud based platform that incorporated IBM Security identity and access management software combined with SecurIT  TrustBuilder® software to help protect assets from unauthorized access.  The Flemish government, offers its 6 million inhabitants digital access to services across more than 100 government websites, but previously had little flexibility to introduce new internal and external applications, or manage how citizens were able to prove their identities.  For example, a person may have only one identity, but multiple titles or 'roles,' such as “citizen”, “public servant” or “notary”. 

“The new infrastructure provides our citizens and employees with simple, secure and fast digital access to all available government resources," said Wim Martens, Strategy Manager, Flemish Government.  "This new platform provides our citizens with seamless access, while giving us context-aware digital identities using multiple authentication means for each individual in accordance with centrally defined security policies.”

 

Molson Coors Brewing Company (MCBC), the second largest beer brewer in the United States with more than 65 global brands, needed to keep up with compliance issues around identity and access management.  The company wanted to provide employees with a single identity for seamless access to web resources, while implementing a new identity management strategy based on three pillars: security, audit and service.  The company turned to a cloud security solution offered by Lighthouse Security Group, a ‘Ready for IBM Security Intelligence’ Business Partner,  that utilizes IBM software at its core, due to the quick start-up time, large estimated savings and need for specialized engineering skills that IBM and Lighthouse were able to provide.

 

"We needed a solution to improve the visibility and transparency of security and audit related data," said Kevin Schmitt, Chief Information Security Officer, Molson Coors Brewing Company.  "This helped us realize a marked improvement in the company’s security maturity score while saving the organization considerable time and money over an equivalent on-premise solution."

 

Highlighted cloud security solutions:

·       NEW: IBM SmartCloud for Patch Management

·       NEW: IBM Security Access Manager for Cloud and Mobile

·       NEW: IBM Security Privileged Identity Manager

·       ENHANCED: QRadar SIEM and QRadar Log Manager

 

In addition, IBM is announcing mainframe security capabilities that enhance enterprise-wide security intelligence based on QRadar security solution integration that provides real time alerts and audit reporting.  The mainframe offers Common Criteria Evaluation Assurance Level 5+ (EAL 5+) certification for logical partitions, providing a platform for consolidating systems, helping protect private clouds, and helping secure virtualized environment.  New IBM Security zSecure improvements help to reduce administration overhead, automate compliance reporting, enforce security policy, and pro-actively detect threats.

 

Highlighted zSecure security solutions:

·       ENHANCED: IBM Security zSecure

 

Through IBM Global Financing, credit-qualified clients can take advantage of 0% interest for 12 months on qualifying IBM Security products and solutions.

 

 

About IBM Security

With more than 40 years of security development and innovation, IBM has breadth and depth in security research, products, services and consulting. IBM X-Force is a world-renowned team that researches and evaluates the latest security threats and trends. This team analyzes and maintains one of the world’s most comprehensive vulnerability databases and develops countermeasure technologies for IBM’s security offerings to help protect organizations ahead of the threat. IBM has 10 worldwide research centers innovating security technology and nine security operations centers around the world to help global clients maintain an appropriate security posture. IBM Managed Security Services delivers the expertise, tools and infrastructure to help clients secure their information assets against attacks, often at a fraction of the cost of in-house security resources. The Institute for Advanced Security is IBM’s global initiative to help organizations better understand and respond to the security threats to their organization. Visit the Institute community at www.instituteforadvancedsecurity.com.  

 

For more information on IBM Security Solutions, please visit: www.ibm.com/security

 

IBM Global Financing offerings are provided through IBM Credit LLC in the United States and other IBM subsidiaries and divisions worldwide to qualified commercial and government clients. Rates and availability are based on a client’s credit rating, financing terms, offering type, equipment and product type and options, and may vary by country.  Interest continues to accrue on deferred payments.  Non-hardware items must be one-time, non-recurring charges and are financed by means of loans. Other restrictions may apply. Rates and offerings are subject to change, extension or withdrawal without notice and may not be available in all countries.