IBM Strengthens Security Portfolio with New Identity Management Software
December 2007 by Marc Jacob
IBM further bolstered its risk management portfolio with the announcement of new security software designed to help clients manage user access to sensitive company information and simplify the process of compliance management.
Currently the worldwide leader in identity and access management revenue, according to analyst firm IDC (1), IBM advances its identity management software with the new availability of IBM Tivoli Identity Manager Version 5.0.
The IBM software takes a risk-based approach to help clients effectively manage user accounts, access permissions and passwords for employees, contractors and customers from creation to termination. It provides a centralized point for administering users, their passwords, business roles, and access rights — helping ensure that business and security policy is set on all systems and applications across the company.
Delivering the most extensive update in its history, new features and enhancements to IBM Tivoli Identity Manager are intended to greatly improve management of business policy compliance, accelerate and simplify set-up and deployment, and enhance productivity of identity management business users and IT administrators. With new “out-of-the-box” instructional wizards, templates and best practices that can speed time for deployments and reduce the learning curve of new users, customers are expected to benefit from an estimated 50 percent reduction in deployment time compared to previous releases.
Today’s computing environments often contain thousands to millions of users and a multitude of databases, applications and systems. Automated identity management helps enterprises ensure the right people can access the right applications and information, such as company financial data or customer and employee information databases, as examples.
IBM Tivoli Identity Manager automates for enterprises the tedious, manual process of setting up new accounts and passwords for its employees and customers that might otherwise require a dedicated response from IT staff. It provides the ability for users to reset and synchronize their own passwords without going through a help desk, saving time for both the users and technical support. The software also can identify unauthorized and malicious changes that would give users access to more applications than necessary to do their jobs, remove the illegitimate access, and alert designated business leaders as these events occur.
The Ottawa Hospital (TOH), which provides care for more patients than any other Canadian hospital, relies on IBM software to manage user access within its portal project, "myTOH." With myTOH, the hospital’s physicians and staff have immediate access, based on defined user privileges, to a wide range of information, such as e-mail, lab results, eHR and PACS images, from anywhere with a secure Internet connection. This has transformed the way TOH cares for its patients since quick access to lab results by a physician on the road or at home can translate into saved lives.
New Features Help Simplify Compliance with Company Policy
Effectively managing compliance continues to be a top concern for businesses, while according to analyst firm Gartner, the number of regulatory requirements directly affecting IT operations are expected to double in the next five years (2). Several new and improved features of IBM Tivoli Identity Manager were developed to help clients better manage and simplify compliance with business and security policies.
To support compliance needs, the software helps enterprises more easily demonstrate who has access to what information and why that access is business appropriate. It provides centralized reports on security policy, access rights and audit events to quickly respond to internal audits and regulatory mandates.
The new software also handles the process of automatically correcting and removing non-compliant access rights through periodic management review and sign-off. In the past, reviewing user access rights to achieve compliance with internal security policies or legal requirements typically involved teams of IT administrators manually producing reams of spreadsheets, emailing those to business managers for review, and logging management responses in reports for auditors – a painstakingly, time-consuming process that usually would repeat each quarter.
The new IBM Tivoli Identity Manager integrates with IBM Tivoli Compliance Insight Manager — IBM’s broad-based solution for enterprise security audit and compliance management — for audit reports that map to regulations and best practices. It also provides intelligence and recommended actions on policy compliance issues, eliminating the need to manually review policies.
IBM’s Tivoli security software helps prevent unauthorized access to valuable customer, employee and business data and facilitates compliance with corporate security policy and regulatory requirements. It is part of IBM’s portfolio of service management software which automates some of the most challenging processes associated with managing a complex IT environment, such as managing storage devices and deploying new software releases and patches. The software helps customers fight rising IT costs, manage constant change and meet the demand to stay competitive in the marketplace.