View online
Others who downloaded this publication also downloaded ...
Abstract
Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. The need to be able to integrate security into discussions with business functions and operations exists more than ever.
In this IBM® Redpaper™ publication, we explore concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. We identify a number of the business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations, showing how they can be translated into frameworks to enable enterprise security.
Over the last few decades, industry groups and standards bodies have developed frameworks that serve as a baseline for certain aspects of security, and in this IBM Redguide we discuss two such frameworks:
- CoBiT
- ISO27002
To help you with your security challenges, IBM has created a bridge to address the communication gap between the business and the technical perspectives of security to enable simplification of thought and process. The IBM Security Framework can help you translate the business view, and the IBM Security Blueprint describes the technology landscape view. Together they can help bring together the experiences that we gained from working with many clients to build a comprehensive solution view.
This IBM Redpaper is intended to be a valuable resource for business leaders, security officers, and consultants who wish to understand and implement enterprise security by considering a set of core security capabilities and services.
The latest updates (Janaury 2011) include some minor typos and a change in the color representation of the IBM Security Blueprint components to deliver improved black and white prints.
Table of contents
Chapter 1. Introducing the IBM Security Framework and IBM Security Blueprint
Chapter 2. The components of the IBM Security Blueprint
Chapter 3. Business scenario for the People and Identity solution pattern
Chapter 4. Summary
