| |
To comply with government and industry regulations, such as Sarbanes-Oxley, Gramm Leach Bliley (GLBA), and COBIT (which can be considered a best-practices framework), organizations must constantly detect, validate, and report unauthorized changes and out-of-compliance actions within the Information Technology (IT) infrastructure. Using the IBMa® Tivoli Security Information and Event Manager solution organizations can improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and full set of audit and compliance reporting.
In this IBM Redbooksa® publication, we discuss the business context of security audit and compliance software for organizations and describe the logical and physical components of IBM Tivoli Security Information and Event Manager. We also present a typical deployment within a business scenario.
This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a centralized security audit and compliance solution.
About the Authors
Axel Buecker is a Certified Consulting Software IT Specialist at the ITSO, Austin Center. He writes extensively and teaches IBM classes worldwide about areas of software security architecture and network computing technologies. He has a degree in Computer Science from the University of Bremen, Germany. He has 23 years of experience in a variety of areas related to workstation and systems management, network computing, and e-business solutions. Before joining the ITSO in March 2000, Axel worked for IBM in Germany as a Senior IT Specialist in Software Security Architecture.
Jose Amado is a Senior Level 2 Support Engineer and consultant. He is the Tivoli Security Information and Event Manager and Tivoli Compliance Insight Manager Level 2 Technical Team lead. He works for IBM US in Guatemala. Jose has 12 years of experience with IT security solutions, and he has several certifications. For six years he has worked with Tivoli Security Information and Event Manager-related products and has been part of many international deployment projects for Security Information and Event Management (SIEM) solutions. Jose participated in beta testing of various versions of the product and worked on networking infrastructure designs for customers.
David Druker is an IBM Security Architect and works with IBM customers in central and western United States. He is known worldwide as an expert in IBM Tivoli Directory Integrator and has designed many solutions around this product. He has over 20 years of broad technology experience in security, programming, and enterprise architecture. David is a Senior Certified IT Specialist and holds a Ph.D. in Speech and Hearing Science from the University of Iowa.
Carsten Lorenz is a certified Senior Managing Consultant at IBM in the United Kingdom (UK). He manages security solutioning in large and complex IT infrastructure outsourcing engagements for customers throughout Europe, Middle-East and Africa. He has more than 10 years of experience in the security and compliance field, specializing in the areas of Security Management, IT Risk Assessment, Governance, and Operational Risk Management. Carsten performs consulting engagements with IBM customers in various industries, ranging from fortune 500 to small-to-medium sized businesses. Carsten is a CISSP, CISM, and a CISA, and he has a Bachelors Degree in European Studies from the University of Wolverhamption, UK, and a Diploma in Business Science from the University of Trier, Germany.
Frank Muehlenbrock is an IBM Information Security Manager with international experience in IT Security, Data Privacy and Risk and Compliance Management. He has 23 years of experience in the IT industry. Frank developed and implemented many IT security policies, processes, and procedures. He also conducted physical and logical security audits on a European scale. Frank has an Information Management degree from the Fachhochschule Reutlingen, Germany. He has a CISM certification of the ISACA organization and an MCSE and MCT. Frank co-authored three previous IBM Redbooks publications about IBM Tivoli Compliance Insight Manager. He also published technical articles in German journals and a book about implementing security guidelines. He is currently working on another book for the ISACA German chapter about the "Usage of Forensics in an Audit Organization".
Rudy Tan is a Senior IT-Specialist who works as a technical course developer in the IBM Tivoli Lab in Delft, Netherlands. He has 17 years of experience in the IT industry with a focus on security. In the past 12 years, Rudy worked at Consul as a Tivoli Compliance Insight Manager developer, consultant, and trainer. ISBN 9789350230756
|
| |
Pages : 464
|