Hewlett-Packard is wielding the strength gained from its $13.9 billion acquisition of EDS in creating an extensive package of security services that touches on everything from hardware to cloud computing to applications.
The HP Security, Compliance and Continuity Services portfolio, announced Jan. 25, is aimed at helping businesses and government agencies create a comprehensive security strategy that protects data, reduces risks and increases compliance, according to Chris Whitener, chief strategist for HP's Secure Advantage program. The portfolio of more than 90 offerings includes existing HP services as well as new ones.
"What we're trying to do is tie the loose ends [of HP's substantial security offerings] up together in a very large portfolio," Whitener said in an interview.
HP's acquisition of EDS in 2008-which is now HP Enterprise Services-gave the technology vendor a greater range of services capabilities, making HP the second largest enterprise services vendor outside of IBM.
The new security services portfolio is based on a common reference model that the more than 10,000 HP services professionals will use when working with customers. The services are aimed at both traditional and cloud environments.
The features within the Security, Compliance and Continuity Services-including third-party offerings-are tightly integrated to make it easier for businesses to adopt and manage them, George Ferguson, product marketing manager for security, compliance, and continuity for HP Enterprise Services, said in an interview.
"The idea is that we want to help businesses and governments reduce complexity, reduce risks and reduce costs," Ferguson said.
In addition, the services are offered to customers in several ways, Whitener said. HP services can help a business design and implement its security strategy, which the business can then run itself. In addition, HP can manage certain security functions, or a business can outsource the whole security environment to HP.
New to the portfolio is the Cloud Computing Security Assessment service, which can be used with HP's existing Cloud Discovery Workshop and Cloud Assure. Through these services, HP helps businesses decide that workloads they should move into a cloud environment, assess the security requirements of both public and private clouds, manage the cloud security services on an ongoing basis.
In addition, HP's new Application Security Center of Excellence service is aimed at preventing attacks on Web applications. The service includes a workshop and assessment help for organizations looking to create a strategy. The service also helps businesses prioritize their security requirements and build processes using best practices.
Through the Software as a Service Project Services for Application Security Center, HP will help organizations implement their application security initiatives in a solution that is managed by HP.
Ferguson said that while the offerings in the security services portfolio work best with those solutions that have been tested and tightly integrated, it can also work well with tools that haven't been preintegrated.
The announcement of the portfolio is an indication in HP's aggressive approach in building out its security services offerings, Whitener said. He conceded that IBM is the largest security services vendor, but added that "we intend to close that gap as fast as we can."