Feeds

IBM beefs up security in global services

Good news for big business, but what about SMBs?

Secure remote control for conventional and virtual desktops

Comment Last week IBM announced that it was acquiring US-based Internet Security Systems (ISS) for $1.3bn.

ISS's specialty has been the proactive security for the enterprise through automation and focusing on vulnerabilities in the ever-evolving IT infrastructure.

IBM believes the acquisition, its largest since it acquired PWC, will advance IBM's strategy to use IT services, software and consulting expertise to automate labour-based processes into standardised, software-based services for its clients.

IBM also believes it will help advance its position in Managed Security Services, which addresses issues ranging from data theft to implementing regulatory requirements.

ISS is one of the largest providers of security products and managed security services in the industry, with more than 11,000 customers worldwide, including many of the largest banks, public insurance companies, and national governments. ISS will join IBM as a business unit within IBM Global Services' Security organisation.

ISS has been admired for a while for its approach to security. While many are still trying to protect objects or systems, ISS has been evolving a holistic approach that respects that the environment is ever-changing, and that looks at automating systems as the way to respond in a proactive manner.

In this respect its philosophy is close to that of IBM which has also embraced a holistic approach and has had a self-healing approach for its systems and software along with other automated capabilities for years. Both companies understand that evolving IT security requires an architectural, big-picture approach rather than a point-product, perimeter-centric approach.

In that sense, the combination of the two should bode well for both vendors' customers. IBM customers will see the inclusion of a strong security vendor's products and services beefing up IBM's offerings, which have not been as strong as those of some of its competitors.

For ISS, IBM's scope gives it access to a greater number of customers than it could have reached alone, and adds credibility to both companies' reputations as trusted corporate advisors. Customers of either company should feel secure that IBM and ISS are committed to proactive, automated security and managed security services.

Next we will be waiting to see what the company does with identity management, a hot topic on its own that is tightly connected to many other security issues.

In some ways, it is sensible for IBM to place ISS within Global Services. The product would be awkward in any other part of IBM, even if it is largely a software capability. However, that said, putting ISS within Global Services also makes us uncomfortable.

Global Services is the biggest part of IBM, and it is important, in that frequently Global Services acts like a laboratory where large customers with specific needs can work with IBM to make solutions that solve specific problems, and then that intellectual property can be shared internally within IBM to help productise it for a larger market or share it in some way with services partners who can offer it in appropriate form to the SMB market.

This is a nice idea in theory, but the problem is that we haven't really seen that happen. For many reasons, most of them quite sensible, Global Services is unable or unwilling to deal with entities smaller than roughly 1,000 employees.

In the grand scheme of IT, this leaves an awful lot of the market open. Global Services' business model is not designed to deal with the mid-market, nor should it necessarily do so, but IBM still does not have a way to capture the extensive IP it is building within Services to leverage it across the company or the market.

We fear that ISS's products and approach will continue to benefit large companies but that an awful lot of the mid-market will not have access to those capabilities. While this may not seem terrible from a near-term revenue viewpoint, from a security viewpoint it should be viewed with alarm.

Organisations interact, especially within supply chains, and partners need to be inculcated in the same methodologies, approaches, and philosophies as the larger players. IBM has a significant partner organisation although it is essentially a tactical unit for helping partners navigate IBM.

However, we strongly urge IBM to work with its product groups, Global Services, and the partner organisation to figure out ways to take the great ideas in Global Services and bring them out of the ivory towers of the consultants and academicians and down to the larger masses of IT managers worldwide.

Copyright © 2006, IT-Analysis.com

Website security in corporate America

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.