Chapter 5. Overview of scenario, requirements, and approach 195
• Implement an effective governance, risk, and compliance strategy to improve
the stock value of the company.
• Increase gross profit by reducing costs in key operational areas, such as IT
and call centers. The financial accounting company plans to increase gross
profit without decreasing the quality of customer service or increasing
operational and security risks.
5.3 Business requirements
Based on this business strategy vision, the financial accounting company wants
to achieve the following short-term business goals, related to the IT environment:
• Improve worldwide IT service quality and availability. Implement new
processes and tools to improve automation procedures and the visibility of
the IT environment.
• Mitigate the exposure of customer-sensitive and confidential information by
increasing the security controls, to protect the reputation of the financial
accounting company.
• Implement auditing processes to manage internal and industry regulation
controls, such as Basel, Sarbanes-Oxley (SOX), and the Payment Card Industry
Data Security Standard (PCI DSS). The first project phase must address the
internal controls and auditing requirements, to improve the corporate visibility
of the assets and the IT environment. In the second phase, the company
implements the industry regulation controls based on priorities and needs.
• Implement processes and IT tools for better resilience, to support the
geographical expansion strategy. The financial accounting company must
work on the expansion in parallel with day-to-day operations. The
company must have the processes and tools to support this business
5.3.1 IBM Security Framework mapping to business requirements
Using the IBM Security Framework definitions for business-driven security, the
business requirements discussed in 5.3, “Business requirements” on page 195,
and the current organizational infrastructure discussed in 5.1.1, “Current IT
infrastructure” on page 188, we engage in a discussion with the financial
accounting company to better address the needs and requirements. This
discussion helps us deliver more value when evaluating the functional
requirements, by using the underlying IBM Security Blueprint.
196 Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager
We look at each of the IBM Security Framework security domains:
• People and Identity
The financial accounting company uses mature identity and access
management processes and tools that help keep costs low and mitigate
the risks related to this domain. The implementation uses IBM Tivoli Identity
Manager and IBM Tivoli Access Manager software to manage the employee
and contractor identity and access lifecycle and to enforce access to the
business applications.
• Data and Information
The financial accounting company uses a granular information asset
classification scheme paired with the least privilege principle. Access to the
database servers is consistently monitored in real time, and access policy is
enforced for all users, including privileged users, by IBM InfoSphere Guardium
Database Monitoring and Protection. Because enforcement is done outside
the database engine, it avoids the performance impact and the separation of
duties issues of native database logging. The solution is integrated with the
IBM Security QRadar security analytics solution in the Security Operation
Center.
• Application and Processes
The financial accounting company follows a rigorous release management
process with a granular promotion-to-production path that specifies security
testing criteria. The company uses IBM Rational AppScan software for testing
from the early development stages through to applications that run in the
production environment. This approach builds security testing into the
application development phase and also helps discover application
vulnerabilities in applications that are already deployed. The processes of
the financial accounting company achieve a high level of automation and
embrace security controls, such as separation of duties and the creation of
auditable records.
• Network, Server, and Endpoint
The financial accounting company implemented a threat management system
worldwide, based on IBM Security SiteProtector™ and IBM Security Network
IPS. This solution adds a security layer to the network architecture of the
financial accounting company and supports the business requirements of
the company.
For network and server management and for vulnerability scanning of the
entire IT infrastructure, the company uses an IBM Managed Services
solution. Today, there is no solution for endpoint management.
We identified a critical gap related to endpoint security and compliance
management for this environment. The financial accounting company has a
clear strategy for geographic expansion. Currently, the company uses
approximately 120,000 endpoints. There are more than 100,000 potential