IBM gets a Big Brother

IBM has…

announced today the acquisition of Consul risk management Inc., a supplier of security and risk management tools. This is a good move from IBM – despite most eyes turning outwards when thinking about security, with the concentration being on identity and access management and control, reports show that the majority of security exposures occur through the activities of trusted personnel with high degrees of authority. Consul delivers software that is designed to monitor compliance – almost like an ‘auditor-in-a-box’.

This ‘Big Brother’ type of functionality is becoming more an more important. With a growing set of government-driven regulations across the corporate world, the inward eye needs to protect not just from internal threats but also the unintentional infringement. Penalties imposed on companies for contravening regulations are becoming increasingly draconian, and therefore risk mitigation is increasing dramatically in importance.

Of course, IBM has chosen a vendor with a strong mainframe offering, integrating well with RACF and Tivoli, but the Consul offerings also offer compliance monitoring and management across the entire distributed enterprise. With the massive interest in technologies such as SOA, more and more applications and processes will be opened up for wider usage and reusage, and this will exacerbate the compliance problem.

One of the neat things about the Consul offering, InSight, is the patent-pending methodology to put compliance event information into a business context. As the Consul site describes,

InSight goes beyond traditional log managers and takes security data (logs, syslogs, SNMPs, NetBios, etc.) from the entire enterprise, consolidates and normalizes it through Consul’s patent-pending W7 methodology whereby Who, did What, When, Where, Where from, Where to and on What is determined based on deep knowledge of the system matched to the information in security alerts and log files. Through best-practice and customizable policy templates, only the essential events are processed to provide urgent, relevant and actionable information.

This continues a very prevalent theme of today, namely expressing technical information in business terms, and is all part of improving the alignment of IT with business strategy.

Good one, IBM.


Posted in Imported, Vendor news.