Enterprise Security
Paradigm Shift in the Security Market
Security: A Major Imperative For A Service-Oriented Architecture (SOA)
Service Oriented Architectures deliver a number of recognized advantages, including more open and efficient access to key enterprise services, applications and information. But the very openness of an SOA also creates unique and significant security challenges for organizations. In this EDS paper, we examine crucial SOA security issues – including confidentiality, integrity and availability – and review the technologies, tools, standards and architectures used to ensure SOA security.
Read more about Security: A Major Imperative For A Service-Oriented Architecture (SOA)
Security should enable an organization to take calculated risks, not just minimize them. With EDS as your business ally, you'll have advanced solutions that let you confidently implement the most forward-thinking possibilities and get better results. You'll also be able to move beyond risk reduction and compliance to plans that enable your enterprise to achieve more, exceed expectations and embrace cutting edge technology. It's time to set business free.
What We Think
For more than a decade, security has been seen across industries and portfolios as a business inhibitor, a necessary but inconvenient weight. Security was an investment based on fear, a need to build fortifications against real and perceived threats to operational viability. And while the walls successfully kept the hazards at bay, they also hindered growth, diverted investments and served as very real barriers to customer and partner interaction.
EDS looks at security in a different way. We think security should enable an organization to take calculated risks, not just minimize them. It's a paradigm shift from protecting the perimeter to safeguarding information in an accessible way. With this in mind, we equip our clients with solutions that allow them to explore results-driven opportunity – embrace technology on the cutting edge, implement innovative changes and confidently move to the forefront of their respective fields.
We're looking at the cutting edge ourselves. EDS keeps a step ahead of security market trends, helping clients understand and adopt new approaches like “software as a service,” a concept in which organizations pay for software services in proportion to use. This fast-growing trend is dissolving boundaries between product, services and consulting and is a fundamental departure from the traditional fixed-price perpetual license of on-premises technology. Analyst firm Gartner predicts that by 2012, “at least one-third of business application software spending will be as service subscription instead of as product license.” EDS is helping our clients navigate this change and others like it.
Of course, we know the dangers are still out there. We work every day to minimize the threats to our clients and help ensure that they are in compliance with legislative safeguards. But we refuse to let those threats immobilize ideas or hold our clients back from exceeding their expectations. And we see the potential in security as a business enabler, not a sequestering limitation. It’s time to set business free.
While security has traditionally focused on mitigating risk and ensuring compliance, EDS extends that focus to also enable business. With this in mind, we strive for a balance of capabilities:
| Capability | Infrastructure | Applications | Business Processes |
|---|---|---|---|
| Enable Business |
|
|
|
| Mitigate Risk |
|
|
|
| Ensure Compliance | — |
|
|
Working with our Agility Alliance partners, we integrate “core” security products into solutions that help you address the business and compliance needs of your organization. In addition, we:
- Apply reasonable security measures that enable business
- Provide service continuity, disaster recovery and business viability
- Address the complexities of compliance issues in multiple geographies, across industries, and within government procedures
- Secure intellectual property and employee, customer and partner information to maintain trust
- Protect an entity's brand and reputation in the marketplace “trust”
- Provide scalable solutions to secure diverse technologies in today's global business environment
Did You Know
- 78 percent of businesses are affected with a virus or a worm
- 37 percent of businesses have unauthorized personnel gain access to company information
- 49 percent of businesses report laptop theft – 2004 CSI/FBI Computer Crime & Security Survey
- Data Breaches and ID Theft have become organized crime's #1 business, costing the US economy over $67 Billion in 2006 – USA Today
- 88 million data records of U.S. residents have been exposed to security breaches since 2005. – Privacy Rights Clearinghouse
- If you experience a security breach, 20 percent of your affected customer base will no longer do business with you, 40 percent will consider ending the relationship, and 5 percent will be hiring lawyers – CIO Magazine, 15 May 2006
Security Is Not About Fear, It's About Results-driven Opportunity
The old way of managing security was to build a strong perimeter and hide from the threats. But this approach also kept out customers, vendors and other constituents who needed easy access to your organization. The EDS approach is to create an environment that enables interactions but still protects the information: you control who gets access to each piece and part, while opening the enterprise to a dynamic and flexible exchange.
Security Should Allow Access To Information
Security should allow the right people to access appropriate information and services anywhere, anytime, securely – including Internet and wireless security and customer access to personal data.
Security Needs Vary by Industry
EDS has worked in the IT business for more than 45 years and understands that security needs vary greatly from industry to industry. We adjust our solutions to address these disparate concerns, balancing risk reduction, cost and usability in a way that best works for your business.
One Size Does Not Fit All
EDS provides multiple models for delivery of high-end security, all in tune with industry variances and geographic deviations. Agile delivery models are required to deliver the security services of tomorrow.
- Risk tolerance and spend on security vary greatly. EDS understands the variances
- Take advantage of EDS' “Snapshot Assessment” capability to get a comprehensive security review
- EDS has proven offerings with industry relevance co-developed and branded by EDS and key Agility Alliance Partners
- Our customer-centric security development utilizes market intelligence to help you find solutions from your perspective
Services
- Governance, Risk & Compliance Management Services
- Governance, Risk and Compliance Management is the starting point for minimizing risk, and safeguarding people, assets and intellectual capital by implementing compliant enterprise security policies, standards and systems.
- Information Security Management Services
- Information Security Management protects enterprise information and data as it is used, shared, stored, archived or transmitted, both inside and outside of the enterprise. Protection of the data provides a secure operational foundation.
- Threat & Vulnerability Management Services
- EDS’ Threat and Vulnerability Management Service identifies threats and points of vulnerability, implements countermeasures to mitigate the likelihood of a successful breach, and responds quickly to security incidents.