Endpoint Security And Intrusion Detection Remain Top Concern
IBM’s security boss Dave Merrill talks about what threats and challenges are keeping him awake at night
Continued from page 2
“What we all need is one instance protecting the information, as often we have to protect the confidential information we will share with a client,” said Merrill. “Half of my endpoints exist outside the cloud at any one time, but regardless of where they are if I can protect them, that would be great.”
“I am a consumer of cloud, but I am also an internal security person, as well as being a supplier of cloud to customers,” explained Merrill. “The picture today is that I use the public cloud because it makes sense.”
IBM recently announced a partnership with Juniper Networks to offer security services for leading platforms such as Apple iOS, Android, Symbian, Blackberry OS and Windows through the Juniper Networks Junos Pulse Mobile Security Suite. This offering combines endpoint and security management into a single solution capable of protecting both virtual and physical endpoints.
“We use services such as Junos Pulse where each each enterprise controls the access point,” said Merrill. “It is a public service, but the amount of sensitive information stored there is limited. Despite it being provided by third party, it meets our security requirements, and makes perfect sense for us to do that.”
Buying BigFix
And Merrill believes that in the future businesses will increasingly look at buying in services rather than building their own infrastructure. However in the meantime he stressed the importance of IT managers remaining in control of their existing systems.
“It is all about need, and in the long run it is about on-demand, and buying a service rather than building infrastructure,” said Merrill. “With our BigFix acquisition, it meant that I could get out of the business of creating content as it did all that work for me.”
IBM’s deal to buy BigFix was competed in July 2010, giving it software that identifies which devices are not in compliance with policies and recommends security fixes and timely software updates to up to 500,000 machines in a matter of minutes.
“Our BigFix software means that when Microsoft issues a new Patch Tuesday update, all the patches are ready to deploy instantly in the enterprise,” said Merrill. “That value proposition resonates not only across small businesses, but also enterprises. The story with BigFix is very interesting, as I started out looking for a multi-use configuration agent as our business models were changing.”
Continued on page 4