Endpoint Security And Intrusion Detection Remain Top Concern
IBM’s security boss Dave Merrill talks about what threats and challenges are keeping him awake at night
Continued from page 3
“We (IBM) had outsourced our internal network support, but we constantly had new employees joining as we were growing. This meant that internal needs began to blend with the Internet, and therefore our security threats started to increase,” said Merrill, who went on to champion BigFix within IBM.
“I was sceptical to start with, as I see many products, but very seldom does a product meet or exceed our expectations,” said Merrill. “I kicked the tyres (of BigFix) and walked away very impressed. However it was a three year uphill battle to get it adopted by IBM, and thankfully we eventually acquired it. We are currently working on 546,000 endpoint deployments, and the primary attraction was that BigFix gave me security content instantly, which is a really big deal.”
“Its cross platform support was also important, as primarily I run Microsoft Windows, but also run Macs and Linux,” said Merrill. “This all comes down to the IBM layer I referred to earlier. The IBM layer is applicable regardless of what platform the systems run on. Extensibility is important, and it is easy to create your own content, tying that system into broader integrated solutions today. So today I now have a sophisticated intrusion detection system.”
Intrusion Protection
To this end IBM offers its Network Intrusion Protection System (IPS) appliance, which operates at an estimated 20 gigabits per second (GBps) – almost 2x faster than competitive offerings.
“I talk to a number of our clients, as I think they are a fair representation of the industry as a whole,” said Merrill. “They are mostly very concerned about external intrusions right now – that is the thing that concerns them the most, even with their existing security systems in place. That said, social engineering attacks on employees are hard to mitigate against.”
“For a lot of enterprises they cannot afford to overlook their security education, and that has to be part of our defence,” said Merrill. “Defence has to involve employees and the one good thing I am noticing is the spirit of co-operation between competitor organisations who are working together on the best approaches to address this problem. That is really a positive sign.”
Security Policies
“For the smaller business, getting help is the best alternative, and that often means buying services on demand,” said Merrill. “Some of their problems however start with the fact that many small businesses do not have security policies in place, and that is the seed you cannot grow the tree without.”
“In that that scenario small business can easily get help to create the right policies for them,” concluded Merrill. “The beginnings of a good security policy becomes their roadmap for what they should spend their money on going forward. We have to prioritise and focus on the highest risk problem, and identify what risks to address first.”