HP Enterprise Security Services (ESS) today announced new services and solutions that enable customers to manage the security of their data and infrastructure—from the device through the network and extending to third-party suppliers.
As the IT landscape moves toward a mix of cloud, mobile and social technologies, information is flowing everywhere. The extended enterprise not only includes multiple devices and locations, but also a vast network of vendors and suppliers. As a result, organizations are faced with a dynamic and relentless threat environment spanning both internal and external risks.
“Resource-strapped IT teams are seeking simple, yet comprehensive solutions to address the complex security threat landscape they are facing,” said Susanta Bhattacharya, Director, Infrastructure Technology Outsourcing (ITO) Portfolio, Enterprise Services, HP India. “Combining HP’s leading technology with expert security counsel, HP Enterprise Services is enabling organizations to manage their risks and expand protection for their extended enterprise.”
Enabling secure mobile access in the extended enterprise
End users are demanding access to the information they need, when they need it and on whatever device they choose. While supporting user-owned devices in the workplace can increase productivity and employee satisfaction, it also can bring risks to an organization’s data and reputation, as well as increased costs. Faced with the need to balance user demands against security controls, many organizations lack the understanding and internal resources to implement an effective security strategy for mobile solutions.
HP Security Risk and Controls Advisory Services for Mobility help organizations understand, identify and implement an effective security strategy, enabling them to better manage the security of user-owned devices. The service guides organizations through critical processes in the move to a mobile enterprise, including:
·Defining a strategy to govern adoption of a user-owned device policy.
·Identifying gaps in current infrastructure to support the influx of new, unknown devices.
·Recommending necessary enhancements to security controls to address the inherent risks and close those gaps.
As a result, clients can eliminate the guesswork and complexities associated with enabling a mobile enterprise.
Disrupting advanced DDoS attacks
Distributed Denial of Service (DDoS) and web application attacks pose some of the greatest threats to enterprises today, depriving organizations of critical applications and services by slowing web traffic, overloading servers and restricting traffic from legitimate users. The resulting losses can be significant, including revenue, reputation, financial and legal damages.
HP DDoS Protection Services combine crucial technology with 24/7 security event monitoring by skilled security analysts, helping organizations detect DDoS attackers faster and take immediate action to disrupt the adversary, reducing losses from system downtime.
HP DDoS Protection Services leverage the capabilities of leading security tools and HP Managed Security Services to deliver both cloud-based and on-premises DDoS protection. Real-time monitoring is available through HP’s eight global security operations centers, running HP ArcSight to identify and block network as well as application-layer DDoS and web application attacks. The service reduces the complexity of managing DDoS attacks, alleviating pressure on over loaded security teams and freeing resources for other security initiatives.
Managing supplier risks
Enterprises today rely on vast networks of suppliers to ensure their customers’ needs are met. To remain successful, they must be open to connectivity with suppliers. This extension of the potential “attack envelope” represents enormous risk, as breach incidents frequently originate from supplier connections, rather than within the target organization itself.
The HP Supplier Security Compliance Solution helps enterprises manage this risk by optimizing security and compliance strategies across suppliers. HP security consultants leverage global knowledge of legal, regulatory and standard developments along with local expertise, equipping enterprises to improve their risk posture and lower compliance costs. The solution includes three services:
·HP Compliance Management Advisory Service: HP security experts deliver organizations impact and security risk assessments to help organizations define key compliance metrics and reporting structure.
·HP Managed Security Compliance Service: This fully managed service designs, imposes and reports against a tailored security compliance framework across multiple service providers, including regular monitoring and review.
·HP Managed Security Audit Service provides thorough auditing of suppliers’ security controls and processes in relation to an organizations regulatory requirements, contractual obligations and risk profile.
Through the development and implementation of customized security processes and monitoring across the supplier network, organizations can gain control of their data and reduce the chance of losing money, trade secrets and customer trust that can be lost as the result of a data breach.
Availability
HP DDoS Protection Services, HP Security Risk and Controls Advisory Services for Mobility and HP Supplier Security Compliance Management Services are available immediately worldwide.