On Oct. 20, IBM unveiled a series of new security products and services
for customers struggling with cloud security planning and management.
IT managers have a multitude of security and privacy concerns
about moving their data to the cloud, said Jason Hilling, portfolio manager for
the Managed and Cloud Security Service group at IBM Global Technology Services.
These security concerns may deter companies from taking advantage of the
performance benefits of cloud computing, he said.
In a 2010 Global IT Risk survey by IBM’s Institute for
Business Value, 77 percent of respondents said adopting cloud computing makes
protecting privacy more difficult. About half were concerned about potential
data breaches, and almost a quarter of the surveyed managers were worried about
weak network security, according to the survey.
The study surveyed over 600 IT managers and senior
executives across multiple industries and regions, in North America, Europe,
Asia-Pacific, the Middle East, Latin America and Africa to understand how
enterprises are managing IT risks. While respondents generally were confident
about their risk compliance and management efforts, they identified security in
the cloud as a big problem area.
Hilling described a two-pronged approach emphasizing proper
security planning and putting security tools in the cloud instead of dealing
with each individual endpoint. The security tools include the rather awkwardly named
IBM Managed Security Services Hosted Security Event and Log Management and the
scanning service IBM Managed Security Services Hosted Vulnerability Management.
Hilling also said IBM’s security consulting services help organizations with
security planning by creating a roadmap, performing an assessment, and
identifying application security needs.
Data security doesn’t mean the same thing to everyone,
Hilling said. Service providers and users consider security measures that make
sense for their business, such as the kind of work being performed and the processes
that are in place. Organizations with collaboration tools and e-mail in the
cloud should focus on access and policy controls, but healthcare systems should
think about data isolation and encryption, the company said.
The security incident and event management tool moves to the
cloud via the IBM Managed Security Services Hosted Security Event and Log
Management tool. This enhanced offering consolidates the security event and log
data of all the operating systems, applications and infrastructure equipment
into a single location for IT managers to assess and respond to real-time and
historical traffic. Organizations can also outsource these tasks to IBM’s
Security Operation Centers, the company said.
IBM Managed Security Services Hosted
Vulnerability Management is a network-based vulnerability assessment tool. It assesses network infrastructure and servers for potential application and operating system vulnerabilities, and scans for Web and database vulnerabilities.
IBM Security Virtual Server Protection for VMware integrates
"introspection monitoring," said Hilling, where a virtual doorman scans
all traffic outside the virtual machine to detect potential malware attacks,
and the operating system inside to confirm it is running properly. The
protection checks whether any malicious code, such as rootkits, is running,
said Hilling. Because the product is tied to the hypervisor and protects the virtual
machines from the ground up, it is available only for VMware hypervisors,
he said. The virtual doorman hooks into the security APIs available with VMware vSphere 4, according to Hilling. IBM is exploring adding other
hypervisor support, he said.
The IBM Watson and Zurich research laboratories are working
on security projects that enable enhanced data integrity, recovery, privacy,
and customer isolation in a public cloud environment. While not available as an
off-the-shelf product, IBM recently deployed these enhanced services within its
own environments, into the IBM Smart Business Test and Development cloud, Hilling said.
The projects provide "infrastructure hardening,"
or stronger isolation between different workloads, said IBM. Verifying the integrity
and correct configuration of each component prevents low-level attacks such as
spoofing, IBM said.
IBM is committed to showing that "the cloud can be a completely secure environment,
provided the right measures are in place," said Hilling.