May. 14, 2004
Background Security Issue & Management Scope of Security Security Incident Security Organization Security Level Security Investment Security Roadmap Security Process Security Architecture Security Solution Architecting Solution User Management Emerging Security IBM Security Service
1. Background - Security must be an enabler to e-business
1. Background - Security Risk Management
1. Background - Security Framework
1. Background - 2004 Security Market environment
1. Background - CIO Top 10 IT Technology Priorities 2003-2005
2. Security Issue: (Scope of Security) (Security Incident) IT (Security Organization) (Security Level) (Security Investment) (Security Roadmap) (Security Process) (Security Architecture) Firewall IDS (Security Solution) (Architecting Solution) (User Management) (Emerging Security)
2. Security Issue - Scope of Security Security Infrastructure Security Process Risk Assessment Assess Manage Security Solution Build Managed Security
2. Security Issue - Security Incident Disgruntled Employees Dishonest Employees Viruses Outsider Attacks Human Errors
2. Security Issue - Security Incident
2. Security Issue - Security Organization
2. Security Issue - Security Level Security Health Check - BS7799(ISO17799)
2. Security Issue - Security Investment (2001) (%) ROI Risk / Regulatory Compliance Biz./Insurance
2. Security Issue - Security Roadmap Security Roadmap (Policy) Best Practice (Architecture) (Principle) (Standard)
2. Security Issue - Security Process Business Strategy Security Policy Security Standard Security Process
2. Security Issue - Security Architecture Based on ISO7498-2 ISO7498-2: * IBM Security Architecture: SC28-8135 * Uncontrolled Zone Controlled Zone(DMZ) Restricted Zone Secured Zone Admin. Zone User ID/ PWD (PKI) Firewall(Stateful Inspection) DM Keyboard (IPS) (IDS) - SecureOS Digital Rights Mgmt Application - Auto Patch Mgmt - SecureOS DB DB - PKI/OTP/Biometrics PC PC
2. Security Issue - Security Solution Security Solution Solution Hole (IDS) (Firewall) (SecureOS) Internet Network Server Application, Data Client, Infrastructure
2. Security Issue - Security Solution PKI PKI OTP Biometric SMART USB Crypto
2. Security Issue - Architecting Solution Solution Outline Macro Design Micro Design Release Build Cycle Deployment Business View Process View Functional View / Operational View
2. Security Issue - User Management Privacy Management Security Management Firewall, IDS, VPN Operational Security Identity Mgmt Threat Mgmt ESM Access Management EAM, Wireless Privacy Manager Area Value Solutions Identity Threat Access Privacy, e-business Identity Mgmt Family Risk Mgmt Family Access Mgmt Family Privacy Mgmt Family
2. Security Issue - Emerging Security : CISCO Network Align Resource Protection Access Control Policy Assurance Resource Protection Protect computers and network Know the connected devices Prevent malicious network access Defend against viruses Respond to attacks Access Control Protect users, applications & data Know the authorized users Control what users can see and do Secure transactions and data Make security transparent to users Policy Assurance Protect privacy and reputation Support regulatory compliance Enforce consistent policies Provide integrated audit trail Manage security risks
2. Security Issue - Emerging Security : Compliance Manager IBM Tivoli Compliance Manager The Customer Problem Business Issues, Regulations, Standards System User Settings Resource Settings Ports and Services Operating System Application Applications Middleware People Users Processes IT Concerns Slammer, MSBlaster OS patches Password violations IT Security - User Admin. Errors - Misconfiguration - Missing Patches Service additions/deletions Existence of mandatory services Existence of forbidden services Security settings and configuration Patch inventory Mandatory files or forbidden files - Sloppy HTML - Active Content - Coding errors Application configuration files Software patch inventory Check of installed software packages Show application owner /permissions Checks for application-specific executables and content - Poor security practices - Security seen as onerous Non-authorised users/group Privileged users/group Account capabilities Password integrity Inactive Accounts Incorrect weak ACL/Permissions
2. Security Issue - Emerging Security : Smart Surveillance Engine (SSE) Real Time Video Alerts Automatic Forensic Video Retrieval Low Bandwidth Smart Viewable Index (SaVI) Real Time Video Alerts Query Activity
3. IBM Security Service - Security Service Data Collection Analysis Recommendations Module 1 Module 3 Americas Europe Asia Module 0 Initialization Business & Strategy Module 2 Information Technology Scan Competitor's Technology Module 4 Module 5 Module 6 Business Alignment Current Information Technology Resources Information Technology Strategy
3. IBM Security Service - IBM Security Technology
3. IBM Security Service - Security Solution Partner /VPN IPS PC PKI EIM SSO/EAM /VPN ESM DB OTP HoneyPot
3. IBM Security Service - Security & SI Partner