This script includes openWin function
Jump to content United States-English Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP home
Newsroom > Feature stories

Enterprise security: Open the business, close the gaps


Company information

» Newsroom home
» News releases
  » Online press kits
  » Media relations contacts
  » Executive leadership
  » Newsroom archive
  » Videos
  » Podcasts
  » Blogs
  » RSS feeds
Company info
  » Fast facts
  » Financial information
  » Global citizenship
  » HP Labs
  » Company history
More info
  » In the news
  » Awards
  » Student inquiries
  » Recalls and replacement programs
  » Trademarks

Content starts here
HP Halo
By Susan Twombly, October 2009

While traditional security solutions focus on prevention and managing risks, they often inhibit the operations they seek to protect. Today, security must be a business enabler – empowering you to open up the enterprise to customers, suppliers and partners – yet in a way that helps you manage risk and ensure compliance.

But the very thought of “opening up” your enterprise – and the multiple points of vulnerabilities that can occur as a result – may cause you to employ a “more is better” security strategy. In fact, some large companies may work with hundreds of security vendors to ward off an ever-increasing barrage of security threats.

This approach isn’t just expensive, it’s exhaustive. To close the security gaps between these solutions that could leave you vulnerable, you must devote time and money to integrate them into your solutions. It’s also frustrating that, while all of these defensive actions can help make the business more secure, they may do little to move the business forward.

That’s why we created HP Secure Advantage, a pre-integrated portfolio of hardware, software and services from HP and HP partners, designed to help you defend resources, protect data and validate compliance – from desktop to data center to cloud.

Here are just a few examples of how we’ve worked with our Secure Advantage Alliance partners to do the integration work for you – to help you close security gaps, open the business for new opportunities and free your resources for more value-add activities that advance the business.

Assess your risks

Security gaps can be like a leaky roof: You often don’t know where the holes are until it rains. All too often, companies find their security holes only after a virus or worm has wiggled through.

With an HP Information Security Risk Assessment Service, you can understand where the gaps are across your enterprise, the associated risks and where you’re over or under spending on security, to get a better handle on costs.

This “soup to nuts” service includes an assessment of the IT resources you use to deliver services; your data at rest, in use and in motion inside and outside your enterprise; and your compliance requirements. With HP, you don’t have to buy separate consulting and evaluation services for each area, because your assessment extends across your operations.

Using a standards-based HP Information Security Service Management (ISSM) reference model, HP security experts help you build a plan to manage and mitigate risks by deploying highly operationalized security controls throughout the business.

We help reduce the time and cost required for risk management and regulatory compliance by mapping each of these security controls into controls for people, policy, process, product and proof (auditability). By correlating these control points, we can help eliminate redundancies and highlight areas needing additional controls.

To reduce complexity, we’ve also integrated the breadth of our services portfolio with the breadth of security products from HP and partners. So, it’s much easier to select the exact solutions you need to address specific security gaps and priorities. Knowing precisely where to devote security dollars can also help you avoid a “more is better” approach to security for better cost control.

Capture for compliance, analyze for action

The sheer volume of event log data – and the variety of sources it comes from across the enterprise – makes it difficult to manage for compliance and security. That’s where the HP Compliance Log Warehouse (CLW) appliance comes in as a way to automate and simplify compliance reporting and to transform activity log data into actionable information to help prevent security breaches.

Part of the HP Secure Advantage Portfolio, the CLW collects, retains, correlates and analyzes event log data from across your infrastructure for enterprise-wide risk and compliance visibility.

HP improves that view by integrating the CLW with security solutions from our Secure Advantage partners, such as McAfee’s ePolicy Orchestrator (ePO) software, a security management platform used by many companies today. Here’s how it works:

In a two-way exchange of event log information, CLW continuously collects raw log data from a variety of McAfee solutions. In a “daily news” style, ePO requests the latest summary data from CLW, which displays reports on the ePO dashboard for ad-hoc analysis and investigation. By improving risk visibility into actual events happening on the network, such as credit card activity, the CLW can also help simplify Payment Card Industry (PCI) compliance.

By pre-integrating security solutions like these, HP helps reduce the cost and complexity of do-it-yourself integration projects, as well as the risks of security gaps.

Simplify application security

Application security isn’t just about catching security defects in the development cycle or in isolated operational areas. And, it’s not about buying multiple tools that only complicate security management for today’s web applications.

That’s why we offer the HP Assessment Management Platform (AMP), part of the HP Application Security Center portfolio, as a more integrated approach to controlling application security.

This scalable, distributed scanning and enterprise application security platform is designed to extend web application security across the complete application lifecycle, so you can better manage application security risks across the enterprise.

As a foundation for security testing and scanning throughout application development, quality assurance and pre- and post-production environments, the AMP solution can greatly increase your visibility into the state of application security at any point in time.

By integrating AMP with your overall application lifecycle management process from the start, AMP can help you identify and address risks before they impact product release schedules and costs. In the production environment, AMP can continue to help maintain security by managing and automating regular scans of your entire web application environment, as well as the web services they provide, to uncover security vulnerabilities and deliver the remediation knowledge you need to protect your organization.

As the integration point for managing application security data across the business, the AMP platform can help you discover trends, understand problems and make more informed decisions about application risks that could threaten the business. Further, an enterprise-wide view of application risks can help you set, control and mandate security policies and regulatory compliance to increase accountability.

All this can help you decrease the risk, cost and complexity involved in protecting your applications, while helping to increase your application ROI.

Take the integration advantage

Let the security experts at HP help you focus less on defending your enterprise and more on differentiating your business. With an integrated approach to security, HP Secure Advantage can help you open your business to opportunities, while you close security gaps.

Why HP for enterprise security?

  • An integrated approach to security, based on more than 50 years of experience building security into HP products and forging partnerships with leading security technology vendors

  • More than 40 years of experience delivering managed security services

  • More than 20 years experience delivering IT security consulting

  • Leadership on international security standards committees

  • A holistic, standards-based HP Information Security Services Management reference model

  • More than 3,000 security and privacy professionals worldwide

  • 4,000 ITIL-certified consultants

    HP Secure Advantage
    » Take advantage now

    See HP Secure Advantage in action
    » Watch the demo

    Start identifying your security gaps today
    Learn about HP Security and Risk Management Services
    Get enterprise-wide security visibility
    Read more about HP Compliance Log Warehouse
    See the flash demo
    HP and McAfee: Transforming Enterprise Security
    Watch the video
    Help safeguard PCs and printers
    Learn about HP ProtectTools
    HP security solutions for imaging and printing

    Amp up your application security

    See how with HP Assessment Management Platform
    HP Application Security Center
    Join the conversation in the HP application security blog

    Printable version
    Privacy statement Using this site means you accept its terms Feedback to webmaster
    © 2012 Hewlett-Packard Development Company, L.P.