IBM Systems Magazine, Power Systems - November 2017 - 5
A Holistic Approach to Security
ecently, we've seen a significant increase in the number of clients investing
in security-related IT infrastructure. With evolving security threats making the
headlines and damaging or even destroying business, clients want to make
sure they have powerful malware and intrusion-prevention solutions.
Data breaches are costly:
According to the 2017 Ponemon
Cost of Data Breach Study (ibm.
co/2rLVOKR), the average cost of
a data breach is $3.62 million.
The impact of security breaches
goes beyond the direct monetary
component as they can result in
considerable labor cost, disruption in operations and damage
to enterprises' reputation, which
affects customer loyalty and more.
What's more, enhanced security and compliance regulations
arise, forcing clients to implement
additional layers of security. But
with all these standards and
rules, security can seem complicated. And noncompliance can
be painful: For instance, a client
can be forced to take all of the
credit card data off his systems
(e.g., as required by PCI DSS).
And if a breach coincides with
noncompliance, fines can exceed
$500,000 or up to 4 percent of the
annual worldwide turnover of the
enterprise-as is the case of the
upcoming General Data Protection Regulation (GDPR). (For more
information on this new regulation, visit ibm.co/2ygqgMd.)
One of IBM's key values is dedication to every client's success-
and IBM considers security an
important component of success.
At IBM Power Systems*, our mission is to support clients setting
up a secure infrastructure, having
powerful monitoring, implementing prevention and detection
capabilities, and meeting compliance regulations.
The IBM Power Systems
platform designs security into the
system for comprehensive protection, which addresses security at
all layers. PowerSC* security and
compliance leverages and integrates with the security features
of the various layers, providing
enhancements to this solid stack.
See "Demystifying Compliance"
on page 18 for more information
New enhancements such as
Multi-Factor Authentication (MFA)
allows clients to add an extra
layer of security for their most
critical IT infrastructure-whether
required by an industry standard,
federal mandates or just to raise
the overall level of security and
thus decrease the likelihood of
being breached. With PowerSC
MFA, the IBM Power Systems
platform provides a powerful tool
to manage different factors, user
populations and policies in a
networking technologies such
as overlay networks within the
PowerVM* and PowerVC* solutions enable new security capabilities. Overlay networks allow
each client to have an isolated
network, independent of others
on the same system. This reduces
the risk of others interfering with
the networks and lowers the surface area for attacks. Future features such as security groups will
allow administrators to create
policies that let the hypervisor
control what a virtual machine
can communicate with, dropping
all traffic that doesn't meet one
of the policies.
We're constantly enhancing
our Power Systems portfolio,
working on tighter integrations
between related Power Systems
Software products and PowerSC.
For IBM, security isn't just about
implementing products, but
about a holistic approach that
takes into account all the layers
and pieces. Let's work together
for a more secure infrastructure
in order to be prepared for the
security threats that lay ahead.
ibmsystemsmag.com NOVEMBER 2017 // 5