POWER > Business Strategy > Executive Perspective

A Holistic Approach to Security

By Petra Bührer

Recently, we’ve seen a significant increase in the number of clients investing in security-related IT infrastructure. With evolving security threats making the headlines and damaging or even destroying business, clients want to make sure they have powerful malware and intrusion-prevention solutions.

Data breaches are costly: According to the 2017 Ponemon Cost of Data Breach Study (ibm.co/2rLVOKR), the average cost of a data breach is $3.62 million. The impact of security breaches goes beyond the direct monetary component as they can result in considerable labor cost, disruption in operations and damage to enterprises’ reputation, which affects customer loyalty and more.

What’s more, enhanced security and compliance regulations arise, forcing clients to implement additional layers of security. But with all these standards and rules, security can seem complicated. And noncompliance can be painful: For instance, a client can be forced to take all of the credit card data off his systems (e.g., as required by PCI DSS). And if a breach coincides with noncompliance, fines can exceed $500,000 or up to 4 percent of the annual worldwide turnover of the enterprise—as is the case of the upcoming General Data Protection Regulation (GDPR). (For more information on this new regulation, visit ibm.co/2ygqgMd.)

One of IBM’s key values is dedication to every client’s success—and IBM considers security an important component of success. At IBM Power Systems*, our mission is to support clients setting up a secure infrastructure, having powerful monitoring, implementing prevention and detection capabilities, and meeting compliance regulations.

The IBM Power Systems platform designs security into the system for comprehensive protection, which addresses security at all layers. PowerSC* security and compliance leverages and integrates with the security features of the various layers, providing virtualization-aware security enhancements to this solid stack. See “Demystifying Compliance” on page 18 for more information on PowerSC.

New enhancements such as Multi-Factor Authentication (MFA) allows clients to add an extra layer of security for their most critical IT infrastructure—whether required by an industry standard, federal mandates or just to raise the overall level of security and thus decrease the likelihood of being breached. With PowerSC MFA, the IBM Power Systems platform provides a powerful tool to manage different factors, user populations and policies in a centralized location.

New software-defined networking technologies such as overlay networks within the PowerVM* and PowerVC* solutions enable new security capabilities. Overlay networks allow each client to have an isolated network, independent of others on the same system. This reduces the risk of others interfering with the networks and lowers the surface area for attacks. Future features such as security groups will allow administrators to create policies that let the hypervisor control what a virtual machine can communicate with, dropping all traffic that doesn’t meet one of the policies.

We’re constantly enhancing our Power Systems portfolio, working on tighter integrations between related Power Systems Software products and PowerSC. For IBM, security isn’t just about implementing products, but about a holistic approach that takes into account all the layers and pieces. Let's work together for a more secure infrastructure in order to be prepared for the security threats that lay ahead.

comments powered by Disqus



2017 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.


5 Steps to Implementing Cloud


A Holistic Approach to Security

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store