HP Expands Enterprise Security Solutions for Cloud, Social Media
Modernizing Authentication — What It Takes to Transform Secure Access
Hewlett-Packard combined its security products and technology from recent acquisitions to unveil an expanded Enterprise Security Solutions portfolio designed to help businesses deal with persistent security threats from cloud applications and social media. This new offering reflects the company's desire to move more into the security and services markets.
The new security portfolio provides organizations with the necessary tools to combat threats arising from mobile computing, consumerization of IT, the increased adoption of cloud services and the prevalence of social media in the workplace, HP officially announced Sept. 12. The technology the company acquired from ArcSight, Fortify Software and TippingPoint have been integrated into a comprehensive risk-management platform.
Traditional IT security focused on establishing strong perimeters around the network and systems to keep bad guys out and define policies on what the good guys can do inside, Tom Reilly, vice-president and general manager of HP enterprise security products, told eWEEK.
"Organizations have to stop worrying only about the perimeter," Reilly said, especially with recent trends changing how people access the data.
Organizations have to deal with a "whole new set of security challenges" with the consumerization of IT and the growing popularity of mobile devices, Reilly said. Employees increasingly expect to be able to access data even when not at work, and IT departments have to start thinking about home computers and other non-corporate-issued devices regularly connecting to the network. The cloud "poses its own challenges" because data lives on some virtualized server in a data center under someone else's control, Reilly added. Social media breaks down traditional notions of enterprise security because the bad guys can trick the good guys to let them in.
Businesses often wind up implementing security products from various vendors in order to handle different types of threats, and the various components are often unable to work together, Reilly said. The new Enterprise Security portfolio would help businesses and IT departments establish and execute a security strategy that addresses threats and potential liabilities in a unified manner, Reilly said. The platform consists of security technology from acquisitions--including ArcSight, which HP acquired in 2010 for $1.5 billion; Tipping Point, which was part of the $2.7 billion acquisition of 3Com in 2009; and Fortify Software and SPI Dynamics.
Instead of selling new security products to companies for a specific problem, HP is positioning the new portfolio to offer customers a service that can fill in the gaps in their security strategy. The service-based approach allows HP to provide customers with information about new threats while working with existing infrastructure.
HP announced new tools and services, such as the Information Security Management services, Enterprise Cloud Service threat-management software and Application Security Testing-as-a-Service to find vulnerabilities in the application layer. ArcSight Express 3.0 would detect and prevent cyber-threats. HP Reputation Security Monitor lists and identifies malicious IP and DNS addresses. HP has integrated the reputation service, provided by TippingPoint's DV Labs, into ArcSight Express, Reilly said.