IT information security has become the foundation and guarantee for the development of enterprises

IT security level fully upgraded to IBM global information escort

Now more and more CIOs have begun to raise awareness and strengthen the security of enterprise IT information, reducing the probability of security problems in the enterprise. In the face of complex and targeted security issues and risk threats, IBM software in the field of security through a series of specialized R & D, acquisitions and product reorganization, the comprehensive upgrade of IT security forces to meet the company's risk management, security and Compliance business needs. This is IBM a more intelligent way to protect the enterprise IT information security out of a crucial step, which also fully demonstrated the IBM software group to enhance the security of enterprises attach great importance to the development of IBM to further deepen and promote software capabilities have a milestone Meaning.

Improving IT information security awareness is the foundation and guarantee for the vigorous development of business intelligence. As a company with over 50 years of history in enterprise security solutions, IBM is committed to proactively developing and delivering industry-leading security technology solutions. Today, IBM has more than 3,000 security and risk patents, managing approximately 9 billion global security incidents daily. In order to enhance IBM's technical advantages in the field of security, IBM has taken into consideration the acquisition and independent development model and launched a comprehensive range of differentiated security solutions to enhance IBM software security in an all-round way to help enterprises deal with risk management, security and compliance businesses Needs, to ensure the safety of the network system of employees worldwide, in the complex state of IT operation without any security issues.

Business challenges - how to deal with security risks

Natural disasters, also known as "force majeure" disasters, usually mean relentless natural disasters. In the IT information, enterprises also face another kind of "natural disaster", that is the threat posed by IT information security. According to the latest industry research shows that one of the most concerned about the business CIO nowadays is the enterprise's IT information security. With the continuous improvement of perception, interconnection and intelligence, various terminals in the world today bring security risks to enterprises, such as the leakage of sensitive information caused by the unauthorized operation of privileged users; the unintentional leakage by enterprise business partners and contractors The security risk posed by malicious software to tamper with internal security operations, thereby stealing sensitive information within the enterprise, are the enterprises are facing more and more complex and targeted security and risk threats.

As a globally integrated company, IBM has 400,000 employees, about 200,000 contractors and 2010 revenues of $ 99 billion. Faced with such a large global workforce, contractors and business operations, IBM CIOs are increasingly focusing on how to manage complex workflows and ensure that internal IBM staff, contractors and suppliers, customers, R & D centers, intellectual property, etc. Security, and how to better manage the privacy, security, and compliance of systems, applications, networks, and key data assets. In response to the internal and external IT information security challenges facing enterprises, IBM CIOs must constantly be vigilant and strengthen the security of IT information to reduce the chances of security problems in the enterprise. Because the enterprise IT information security issues not only involve the normal operation of business users, but also directly affect the performance of enterprises and core competitiveness.

Rekha Garapati, vice president of CIO office at IBM Emerging Markets, said: "In addressing these seemingly disorganized and seemingly disorganized information security issues, enterprise CIOs typically address five major areas including physical-security, data-intelligence Compliance, Identification, Web Server and Workstation Security, Applications, and Process Security. IBM's newest security division in the world incorporates leading security solutions, services and support to better drive product development and accelerate product consolidation and innovation. With superior software security solutions and services, IBM can not only solve all security problems within an enterprise quickly and efficiently, but also provide rock-solid security for enterprise systems. "

IBM's Solution - Security: Rock-solid security

In order to meet the needs of risk, security and compliance management within IBM's enterprise, IBM has set up a comprehensive IT risk management framework and summarized the security practices conducted for the top ten key contents. In addition, through a variety of self-developed and acquired security management solutions such as ISS, Rational App Scan, Tivoli Identity Manager, Tivoli Endpoint Manager and Q1 Lab, IBM conducted a full-scale technical deployment and practical application of top ten security practices To protect the enterprise information security, so as to achieve higher value of the business benefits.

IBM IT Risk Management aims to centrally define, classify and prioritize IT risks and to make informed risk management policies through the management system. Through a professional policy team, IBM can formulate policies and standards based on measuring IT risk; the investment management team implements a series of new initiatives and service projects; the compliance management team can evaluate the latest management project and submit compliance Situation Report; IT Risk Management Strategy Team will draw a risk strategy diagram and develop a risk improvement strategy. Therefore, if we do not understand the policy, we can not define the risk standard, which can not effectively manage the risk. If we can not manage the risk, we can not communicate with the employee well and can not make the compliance measure. Good measurement can not improve IT risk management capabilities. Therefore, the definition, management, measurement, and improvement of the IT risk management trilogy are closely linked, close and indivisible closed-loop, indispensable.

In addition to IT risk management, IBM has introduced ten top priorities for its internal needs. First, establish a risk awareness and management system to enhance communication between management and staff so that all of them can fully understand their safety policies. Second, incident management and response, to strengthen the management of events and the definition of management processes. Third, to create a working environment for the future, that is, to formulate tactics for employees and customers in future mobile terminal applications. Fourth, consider and provide security services in early applications and designs. Fifth, take effective maintenance measures to ensure the safety of infrastructure. Sixth, control network access to enhance intrusion prevention and reduce the risk of digital loss and digital leaks. Seventh, solve the complex challenges brought by cloud computing and virtualization and formulate related strategies. Eighth, ensure global supply chain security and policy compliance. Ninth, protect both structured and unstructured data and ensure that appropriate positions are exposed to the appropriate content. Tenthly, manage the identification lifecycle to ensure and manage the 400,000 IBM internal employees who access IBM's thousands of applications over the life of an effective identity.

The face of the top ten key security practices, IBM introduced a rich and comprehensive solution. E.g:
• TEM Endpoint Manager (TEM: Tivoli Endpoint Manager) has helped IBM achieve a complete increase in workstation compliance and compliance with other security areas, with a very clear chart of malware detection in different regions display.
• The ISS X-force security intelligence product greatly enhances the enterprise's security capabilities to help companies within IBM, as well as helping IBM customers identify network risks and network vulnerabilities, and proactively defend them.
• Rational AppScan scans newly deployed applications and the applications already in use by IBM.
Tivoli Identity Manager, Tivoli Access Manager, and other Tivoli-related products helped IBM achieve single identity in IBM internal employee identity management. IBM employees through a single intranet single identity login, you can find the corresponding access content.
• Q1 Labs, IBM's newly acquired independent integrated security smart solutions provider acquired this year, works with Q1 Labs to bring IBM a next-generation security product that uses advanced correlation technologies and in-depth analysis to more effectively identify and prevent Security loopholes, solve traditional security issues, and safeguard the network, cloud and mobile security.

In addition to a series of security initiatives and practices, IBM has proposed four "Information Technology Security" standards: Infrastructure Security Standards, Employee Security Standards, Third-Party Security and Privacy Standards, Business-Critical Process Criteria, and Data Classification Standards. Based on industry-leading solutions and strong engagement and strict self-discipline by IBM employees and partners, IBM provides the best security services to more than 400,000 employees and contractors worldwide, effectively managing the business risks within the enterprise, The rapid and compliant response to security threats greatly reduced the impact of security risks on the growth of the enterprise business, effectively protected the enterprise system and information security, and successfully enhanced the business benefits.

Program Benefits - IBM Software Pilot Enterprise Security Future

Transforming information into insight, driving product and service innovation, driving business consolidation and optimization, linking and collaboration, managing risk, security and compliance, optimizing the impact of business architecture and services, and delivering enterprise-class mobility are the primary concerns of most businesses Business needs, which is exactly what IBM software has. By combining business requirements with its own capabilities, IBM Software Group can provide organizations with comprehensive "software capabilities" of insight, agility, collaboration, innovation, optimization and security, and mobility to help businesses realize business benefits .

The successful deployment and practical application of technology within risk, security and compliance management within IBM's Enterprise not only embodies the value of IBM software in enhancing the "security" of the enterprise, but also strengthens IBM's leading position in the industry and its technological superiority , Has become IBM software to meet and drive the business of strong demand for proof of force. In addition, through a two-pronged development model of independent research and acquisitions, IBM offers a comprehensive and differentiated portfolio of security solutions that help organizations effectively address the most pressing risk, security and compliance needs of today and ensure enterprise security And enhance corporate value.

Mr. Xu Weili, General Manager of IBM Tivoli Software Greater China Region, IBM Software Group, said: "Security threats are increasingly becoming the top priority for CIOs in the enterprise and we are launching a series of solutions for the security needs of businesses that give us unique Of the technological advantages, has established a solid industry position, has won a high degree of customer trust.We are willing and able to help companies achieve the best level of security business needs, the security risks companies may face elimination of invisible.Future, we will also target Industry needs continue to work hard Innovative development to enhance the 'security' of IBM software, work together with users and partners to create 'smart earth'.