Maximizing the business value of data means securing it comprehensively
Organizations are gathering data faster than ever before, according to IDC. But as businesses collect and use this data to grow and compete, the consequences to a breach in security can severely damage the reputation and performance of even the strongest organizations. Data Security is IBM’s approach to limiting the threat of internal and external breaches in security while reducing the complexity and cost associated with securing information.
“ Data is a two-sided coin: it creates business value, but it also represents a significant potential liability. Minimizing that liability in a cost-effective way is what Data Security is all about. ”
Ivan Milman, IBM Security and Governance Architect
Data Security is a comprehensive approach to cost-effectively protecting the traditional and digital information businesses and governments collect from clients, employees, research, finance, etc. At its most basic, IBM encourages businesses to follow five best practices to achieve Data Security: 1) understand where your data exists, 2) safeguard your sensitive data, 3) look for sensitive data that exists outside the production environment, 4) adapt your security strategy as circumstances change, and 5) achieve and be able to demonstrate regulatory compliance.
But there are some important considerations organizations must take into account before they can rest assured that they have done everything possible to limit the threat of a security breach. Please read Ivan Ivan Milman's blog post on Data Security to learn more about these key considerations.
The consequences of a Data Security breach are rarely far from a CIO's or CTO's mind. Take one of the most dramatic cases of recent years, for example, when unknown hackers compromised data for more than 100 million Sony gaming and entertainment accounts. The attack left users offline for more than two months while Sony was criticized daily for its security practices. Sony has since created a position for Chief Information Security Officer.
But security events like these are not simply one-off occurrences. Breaches of all scales and types happen daily around the world. And while it is impossible to guarantee that your business will never experience a data compromise, taking the proper steps to safeguard your data can pay large dividends over the long run.
IBM is a leader in Data Security, having helped countless clients protect their information from unwanted compromises. From end-to-end encryption and cryptographic support to security consoles and audit reporting, we offer the hardware and software solutions that cost-effectively minimize the risk of data breaches.
One of IBM’s security options for data security is a feature-rich InfoSphere Guardium, which provides the simplest most robust solution for assuring the privacy and integrity of trusted information in your data center (SAP, PeopleSoft, Cognos, Siebel, etc.) as well as reducing costs by automating the entire compliance auditing process in heterogeneous environments.
IBM z/OS has a huge breadth of security capabilities built into the base of the operating system. IBM z/OS is a highly secure, scalable, high-performance enterprise operating system for organizations seeking a platform on which to build and deploy Internet and Java-enabled applications requiring secure centralized data. The PR/SM hypervisor provides the highest level of isolation for all logical partitions running, providing the same level of protection as when running separate servers. Also, many z/OS security functions such as data encryption, encryption key management, digital certificates, password synchronization, and centralized authentication, access and auditing can be deployed as part of enterprise-wide security solutions. IBM Security zSecure suite provides cost-effective security administration, improves service by detecting threats, and reduces risk with automated audit and compliance reporting. The System z Security Portal is also designed to help customers stay current with security fixes, and improve security planning. IBM features many security capabilities for data protection including hardware-based encryption, TKE workstation, network security, DB2 encryption, key management, InfoSphere Guardium, and other tools to help protect data both at rest and in flight.
IBM Power Systems have always focused on the business needs of data availability and security, enabling your business to achieve outstanding business and compute performance. IBM PowerSC provides a security and compliance solution optimized for virtualized environments on Power Systems servers, running PowerVM and AIX. It ensures high level of trust by displaying the status of all AIX systems participating in a trusted system configuration and also stores AIX virtual machine system logs securely on a central PowerVM Virtual I/O Server, preventing malicious software from tampering with the system and covering up the evidence.
The value of a PureFlex System is clear as it establishes hardware- and firmware-level security for your organization as well as your customers. You can reduce the time required to administer your systems as PureFlex Systems are delivered with the Trusted Computing Base (TCB) level security features installed and configured. PureFlex delivers benefits such as ensuring systems management microcontrollers boot to a correct and trusted state, and prohibits impostor updates from being introduced into the BIOS and key systems management components.
IBM System Storage TS1140 Tape Drive features storage capabilities to help you improve security, establish easy, rapid access to data, provide long-term retention, and help maintain data governance and regulatory compliance. The TS1140 tape drive offers high-performance flexible data storage with support for data encryption and supports Write Once Read Many (WORM) cartridges.
Meet the Data Security expert
Security and governance architect
Ivan Milman is a Senior Technical Staff Member at IBM working as a security and governance architect for IBM's Master Data Management (MDM) and InfoSphere product groups. Ivan co-authored the leading book on MDM: "Enterprise Master Data Management: SOA Approach to Managing Core Information."
On the Smarter Computing Blog: Data Security
Data Security Expert Ivan Milman talks through best practices for securing your data
Resources for Data Security
Expertise. Innovation. Results. June 10-14, Las Vegas
Hear Principal Analyst Brian Hopkins discuss how to leverage analytics to drive profit and attract new customers.
Now available on demand