Category Archives: IBM

Taking advantage of the human factor

Guest post from IBM Security Systems

IBM is Gold Sponsor at Identity and Access Management, taking place in London on 22nd October. Enterprise IT professionals can claim a complimentary pass for the event, here.

IBM Security Logo

No one doubts that social media is a valuable tool for business.  Unfortunately it is now a top asset for cyber-criminals too, playing a pivotal role in the way in which they reach their targets.  Initially seen as a rich source for gathering the intelligence required for more sophisticated attacks, nowadays attackers are using the psychology behind social media to gain and exploit users’ trust.

  • A single attack can influence the actions of millions of people in real-time as shown when a compromised trusted account sent out false information about explosions at the White House causing a “flash crash” of the US stock market.
  • If a Twitter account with millions of followers sends a link to an infected site the odds of some of those recipients clicking on the link are greatly increased.
  • By compromising a central site and using it to serve malware attackers are able to reach more technically savvy victims who might not be fooled by phishing attempts.

The only effective defence is awareness and education to understand the latest security risks and stay ahead of emerging threats.  Join the IBM experts at Ovum Identity & Access Management on 22nd October to find out what you can do to help keep your organization secure.

Advertisements

“IAM technologies are becoming threat-aware”: Executive Interview with Ravi Srinivasan, Director, Strategy and Product Management, IBM Security Systems

Executive Interview with Ravi Srinivasan, Director, Strategy and Product Management, IBM Security Systems who will be presenting in the keynote at Ovum Identity & Access Management Forum on 22 October.


Ravi Austin picIs the traditional use of Identity and Access Management (IAM) technology changing within an enterprise?

Yes.   With the rapid adoption of mobile, social and cloud-based services to expand the businesses and to collaborate with partners and consumers alike, the traditional use of IAM technology is changing to securely enable these transformations.  Traditionally, IAM technologies are deployed as operational management tools to help IT demonstrate compliance and support the internal risk programs.    Now, IAM technologies are viewed as key security controls, to help businesses improve assurance and strengthen the context in which access controls are determined and enforced across the enterprise.

How are IAM technologies evolving to safeguard the cloud, mobile and social interactions?

IAM technologies are becoming threat-aware. Cyber attackers target the weakest link within an enterprise – its people.  As organisations rollout new mobile apps or increase use of cloud-based services, they need to implement context and risk-based access to minimize the use of passwords to control access to business resources.   Organisations are also increasingly under pressure to not only authorise user access, but also inspect and block malicious content for affecting the business critical web applications and services.

Insider threat is on the spotlight.  What can organisations do to address the threats from insiders?

This is a challenging security issue for organisations around the world. Insiders are more than just administrators and root users with shared access. They can be employees with high risk access.  To tackle the insider threat, organisations are investing in privileged identity management that can manage and govern shared access and privileged user passwords, while auditing and recording the high risk session activities to address the growing insider breach and threats.

Continue reading

Image

Infographic: How are you embracing innovation in spite of IT risks?

2013 INFOGRAPHIC-How-are-you-embracing-innovation-in-spite-of-IT-Risks

Safeguarding mobile, cloud and social interactions across the enterprise

Guest post from IBM Security Systems

IBM is Gold Sponsor at Identity and Access Management, taking place in London on 22nd October. Enterprise IT professionals can claim a complimentary pass for the event, here.

IBM Security Logo

The line between work and personal technology continues to merge as smartphones, tablets and other mobile devices proliferate. Although mobile employees can be more productive by working anytime and anywhere, doing so means they are accessing resources from outside the traditional network perimeter.  Traditional access and authentication controls are now no longer sufficient to safeguard the organisation. As cyber criminals become more sophisticated in their attack methods, so organisations need to be more diligent and proactive in protecting resources in a mobile environment. IBM has developed a portfolio of mobile security solutions that emphasize an adaptive approach to security that can help drive down costs, is secure and can keep up with today’s business climate.

The latest addition to the portfolio is IBM Security Access Manager for Mobile (ISAM for Mobile)

ISAM for Mobile protects access to enterprise resources by authenticating and authorizing mobile users and their devices. Available as either a virtual or hardware based appliance, ISAM for Mobile enables organisations to safeguard access points into the corporate network and enforce context-based access policies that define who and what can access protected resources. Highly scalable and configurable, the solution is designed to deliver a quick time to value and a lower total cost of ownership (TCO).

ISAM for Mobile provides a variety of capabilities for strengthening mobile security:

  • Enables secure user access to mobile and web applications with single sign-on, session management and context-based access control.
  • Improves identity assurance with flexible authentication schemes, such as one-time passwords and RSA SecurID token support ensure single sign-on is available from all access points in the network.
  • Enforces context-aware authorization using device fingerprinting, geographic location awareness and IP reputation scores.
  • Delivers seamless user and application security through integrations with IBM® Worklight
  • Provides actionable insights for reducing risks and demonstrating compliance through integration with the IBM® QRadar® Security Intelligence Platform

For more information on ISAM for Mobile visit our web site at http://www-03.ibm.com/software/products/us/en/access-mgr-mobile

To learn more about protecting the organisation in a multi-perimeter world, come and hear Ravi Srinivasan, Director, Strategy and Product Management, IBM Security Systems, present on Threat-aware Identity and Access Management during the keynote at Ovum Identity & Access Management on 22nd October.