IBM Helps Business Partners Strengthen Client Infrastructures for Looming Government Regulations

Today at its PartnerWorld 2007 Conference, IBM (NYSE: IBM) announced a suite of software solutions to support IBM Business Partners in delivering the industry’s broadest portfolio of solutions for today’s growing compliance management market.

Compliance requirements can be driven by government regulations, industry guidelines, business commitments or even internally driven governance initiatives. Controls to protect the confidentiality, integrity and availability of customer data and applications are frequently a key part of compliance initiatives and must be aimed at prevalent threats. IBM’s Service Management offerings have a strong suite of compliance solutions that help to automate IT controls and then report on the effectiveness of these controls to support compliance initiatives.

“Taking a proactive approach to compliance and governance can give organizations the agility they need to respond to the variety of regulations they face today and in the future,” said Al Zollar, general manager, IBM Software. “IBM’s new compliance program helps provide a centralized and automatic approach to enable clients to effectively control information and rapidly make it available to meet audit requirements.”

IBM is arming its partners with the tools required to better address their customers’ compliance initiatives. With its recent acquisitions of Consul and Internet Security Systems (ISS), IBM is now able to offer the largest breadth of both internal and external security management in the industry today. Instead of taking point products to market that address isolated needs, this new program will help IBM partners address their customers’ needs for a complete compliance management lifecycle.

The program will tie together key steps for partners to create a compliance plan, including collecting information; analyzing this information and its risks; making policy decisions; creating procedures and control decisions based on the policy; and testing those controls to determine the outcomes against policy, including compliance measures. It will then help partners link to the appropriate IBM technology solution.

“IBM’s acquisition strategy to provide a complete portfolio of security and compliance tools clearly puts IBM in the lead,” said Jim Skidmore, Director of Sales and Practice Development, Encode. “The tool set enables vendors to quickly and intelligently meet their customer’s compliance objectives.”

Business partners will be able to leverage these tools to help clients determine where to focus their efforts first, starting simply and then growing their compliance management program to suit their enterprise objectives. Starting points will vary based on the risks and vulnerabilities in the enterprise today. Starting points that business partners can address with the IBM compliance portfolio include:


-Identity management: helping maximize the effectiveness and efficiency of internal controls for provisioning, enforcing, managing and auditing user access to IT systems.
-Vulnerability management: by monitoring system compliance to configuration policy, helping minimize technical risk factors such as security threats.
-Security information and event management: help effectively and efficiently monitor the health of the security environment, monitor and enforce security policies, and detect and respond to security related incidents.
-Threat management: aggregation, correlation, real-time threat and incident handling, security operations centers dashboard and operational reports for ISS or external security management solutions such as Symantec or Cisco.
-Log management and compliance reporting: demonstrating the effectiveness of IT controls relative to compliance initiatives such as ISO 17799, SOX, HIPAA, Basel II, etc.
With new and updated education and enablement material as well as co-marketing materials, technical collateral and demos, IBM business partners will have the tools at their fingertips to better understand their clients’ compliance requirements, determine where to start first and identify the IBM offerings that best suit their clients’ objectives. With a broad portfolio that addresses implementing IT controls as well as reporting on their effectiveness, the partner is well equipped to offer clients solutions for any phase of the compliance management process.