196 Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager
We look at each of the IBM Security Framework security domains:
People and Identity
The financial accounting company uses a mature identity and access
management process and tools that help maintain low costs and mitigate
risks related to this domain. The implementation uses IBM Tivoli Identity
Manager and IBM Tivoli Access Manager software to manage the employee
and contractor identity and access lifecycle and enforce access to the
business applications.
Data and Information
The financial accounting company uses a granular information asset
classification scheme paired with a least privilege principle. Access to the
database servers is monitored consistently in real time. Access is
enforced, including for privileged users, without the performance
impact and separation of duties issues of native database logging. The
access is enforced by using IBM InfoSphere Guardium Database Monitoring
and Protection. The solution is integrated with the IBM Security QRadar
security analytics solution in the Security Operation Center.
Application and Processes
The financial accounting company follows a rigorous release management
process with a granular promotion-to-production path that specifies security
testing criteria. The company uses IBM Rational AppScan software for testing
from the early development stages through to applications that run in the
production environment. This approach helps with practicing security during
the application development phase, and also helps discover any application
vulnerabilities. The processes of the financial accounting company achieve a
high level of automation and embrace security controls, such as the
separation of duties and creation of auditable records.
Network, Server, and Endpoint
The financial accounting company implemented a threat management system
worldwide, based on IBM Security SiteProtector™ and IBM Security Network
IPS. This solution implements an extra security layer for the financial
accounting company network architecture and supports the business
requirement approach of the company.
For network and server management and vulnerability scanning of the entire
IT infrastructure, the company uses an IBM Managed Services solution.
Today, there is no solution that addresses endpoint management.
We identified a critical gap related to endpoint security and compliance
management for this environment. The financial accounting company has a
clear strategy for geographic expansion. Currently, the company uses
approximately 120,000 endpoints. There are more than 100,000 potential