Security Services
Does Your Company Suffer From:
Costly Regulatory Requirements
Malware
Hackers
Viruses
Compliance Mandates
Trolling
essextec Expertise
IBM Internet Security Services (ISS) is part of an extensive portfolio of intrusion detection and prevention solutions that blend with the Tivoli family of identity and access management tools. It provides an end to end security offering for the general business client up through the large enterprise.
The malicious and crippling deployment of various malwares has become epidemic as hackers and organized criminal elements troll the internet looking for opportunities to steal data for profitable resale. This poses numerous challenges for clients in terms of liability, lost productivity, and public image. This has led to numerous compliance mandates such as SOX, HIPPA, PCI, and a host of other costly regulatory requirements.
ISS provides a three tier solution environment to include Professional Services, Managed Services, and a product line of ID/IP appliances/software to address these challenges.
Professional Security Services (PSS) includes the evaluation of the customer environment to determine the current security posture versus the client’s perceived or desired level of coverage. These tools can include vulnerability scans, penetration tests, PCI compliance audits, application evaluations, etc.
Managed Security Services (MSS) addresses the alternative to have IBM manage security devices remotely on behalf of the client. This is done through monitoring ISS appliances and software placed on the client premises. MSS can also manage the security products of other major vendors, such as Cisco, in cases where the client has recently made substantial investments in these competitive tools. MSS is a great option for clients who recognize that security is a 24/7 requirement and that having the skilled resources and the depth of training to effectively deploy and manage the complexity of a security environment is challenging.
Proventia Intrusion Detection and Prevention (ID/IP) is the IBM ISS product line of turnkey hardware/software appliances that are deployed in client environments to neutralize the threats posed by increasingly more sophisticated attacks. These offerings address the security challenge at the network, server, or desktop level. Clients are becoming painfully aware that a defense built only around the old paradigm of anti-virus, anti-spam and firewalls is no longer an effective deterrent against the tools being used by professional hackers and organized crime syndicates.
Case Study
Client: A market leader in e-trading of credit derivatives.
Challenge / Problem / Requirements: The client was looking to ensure their online trading applications were secure.
Test / Benchmark: The client selected essextec and IBM Internet Security Services to come in and do an extensive review including penetration tests and application security assessments on three (3) different web-based applications.
Solution / Implementation: We indentified critical business risks, analyzed and documented the ethical attack and prioritized/outlined the security risks and corrective actions. We then identi- fied possible security weaknesses and recommended improvements in application code.
Benefits: We were able to show our client’s customers a simulated intrusion and with ISS, the clients’ applications have withstood outside ethical attacks. This showed that our client’s site has integrity and demonstrated to their customers that they are not only protecting their core data, but also keeping their customer’s information secure, private and confidential.
The Solution
Clients who understand the inherent risks of a compromised data environment prefer a professional and independent audit and evaluation of their security posture.
essextec and IBM Internet Security Services offer a number of security assessment services and tools focused on identifying vulnerabilities and remediating these exposures.
.jpg)
