By Jorge Araujo
When I heard about the announcements on security that HP was preparing to launch on September 10th, I felt an enormous expectation. That is because, as Security Focal Point of the HP Cloud Committee in Latin America, I am very enthusiastic about the great opportunity this area represents. The market has a great need of integral solutions in this segment and you, as a CIO or member of an IT team, experience increasingly more pressure for incorporating innovation in your company; your business is asking for that. The challenge is that innovation surely leaves the door open to risk.
For instance, when CIOs are asked “What is the main factor that inhibits your adoption of cloud computing?” their first response always is data security. Besides, if the company lets its employees bring their own mobile devices, not managed by IT (BYOD), it gets increasingly harder to manage; all you can do is to have security solutions in place allowing to face this new reality. In this new reality, too, you can’t prevent bank clients, for instance, from accessing their accounts, no matter where they are and which equipment they use. The larger the number of sensible databases becomes (Big Data), the more severe the consequences of unauthorized access are for their owners.
HP recently commissioned a survey* carried out by Coleman Parkes Research and targeted at 550 senior business and technology executives worldwide, 75 of them in Latin America. These senior managers indicated that their organizations are becoming more proactive regarding security strategy, governance, and intelligence. 61% of the respondents said their security leader has a place at the decision-making table, together with the other executives of the company. However, less than half of them, 34% stated having a risk management strategy established. Approximately 44% recognized that they currently manually consolidate their risk management reports, and cannot measure this type of information. When asked about cloud service security, 51% estimated that they can be as secure as their own datacenters. However, about 55% mentioned that business people, not IT people, do not take into account security when choosing cloud services. Other conflicting themes mentioned were identity management, fulfillment, data protection and privacy, and print security.
Of course there are many providers offering security solutions. But in general, they present niche solutions or solutions focused on specific aspects of a problem. Traditional security does not target the whole security issue; instead, it’s typically focused on the perimeter and on individual transactions. But current challenges and vulnerabilities require more proactive contextual and functional elements. They need to be related to the same logic of applications and business needs. This requires a holistic vision of security as a mean to minimize risks for the company's assets.
Security cannot only improve and strengthen the “gates of your house”. -- What happens when the threat comes from internal sources? How do you handle a threat that comes from an individual with permission to pass through the gate? Today, attacks are very complex and may do not involve only one transaction from an individual; sometimes they involve a well thought mesh of transactions and actions that originate from an entire organization dedicated to cybercrime.
In the face of that situation, you can turn to HP. The solutions that we have just announced offer a set of coherent security services that will allow you, as a CIO, to focus on business innovation and requirements, while minimizing risks and building a contextual and proactive security that allows you to defend your company, in some cases, even before attacks happen.
I invite you to further explore our new HP Services offerings. You will find these @ Security services for datacenters
But don’t stop your search there. The value that HP security solutions bring to your business span offerings from our entire company.
- Security for the public sector
- ArcSight Enterprise Security Manager 6.0c
- HP TippingPoint NX (NGIPS)
- HP TippingPoint NX Next Generation Intrusion Prevention Systems (NGIPS)
- Mobile monitoring application Information Security Pulse
- Access, fulfillment and automation security solutions for imaging and printing systems
- Security Software-as-Service (SaaS) HP Fortify on Demand (FoD)
It would take too long to summarize the entire proposition here, but I’ll say that the intention is to make security part of your overall IT infrastructure design. HP is the only provider in the market who protects the network, the datacenter and the application. The network is protected by our HP TippingPoint NX Platform Next Generation Intrusion Prevention Systems (NGIPS) solutions. HP Data Center Protection Services will help you to transform your datacenters, integrate your environmental security to mitigate risks, optimize threat management, and reduce costs associated to implementation (Look for this theme in my next blog).
HP ArcSight Enterprise Security Manager 6.0c can deploy and orchestrate a powerful and flexible monitoring platform that allows detecting threat standards across your entire business activity. By doing so, it can amplify the value of security information of an event by adding contextual information to the transactions.
I believe HP’s announcement transforms the vision of IT security in the marketplace. I anxiously look forward to the time when this approach becomes part of our Latin American regional portfolio, so you can protect what matters the most in your company in a proactive and integral manner.
I'll keep you posted!
And -- I would love to know your thoughts. What are the security challenges you face daily when your company adopts innovation?
Jorge Araujo leads strategic sales projects for multiple business units with the HP Enterprise Group in Latin America (except for Mexico and Brazil). He is the Security Focal Point of HP Cloud Committee for the region. He is an expert in value consulting services in the HP portfolio, which includes complete IT infrastructure projects for core business applications, as well as cloud computing.