IBM Announces I/T Security Practice and Services, Including Emergency
Response Service and Global Security Analysis Lab

SOMERS, NY, June 13, 1995 . . . Leveraging over 20 years of experience in
Information Technology (I/T) security, IBM today announced the formation
of its I/T Security Consulting practice and services. The practice
includes a security analysis lab, where consultants offer to infiltrate
customers' networks to assess vulnerability and recommend improvements on
maintaining enterprise integrity.

The announcement complements an array of I/T and Internet security product
and service announcements from IBM, including IBM Internet Connection
secure Web browsers and servers; an anti- virus service; the IBM I/T
Security home page; and a new edition of the preeminent security
architecture book of the I/T security industry.

"As networks have become more critical to the lifeline of businesses,
security has become a more important focus to our customers," said Kathy
Kincaid, director, I/T Security Programs. "IBM has over 20 years of
experience in providing world-class solutions for protecting the global
enterprise. Today's announcements are significant additions to IBM's
ability to protect our customers' most valuable assets."

I/T Security Consulting Practice and Services

The new suite of capabilities offered by I/T Security Consulting is
designed to help customers assess, manage, contain and thwart potential
system and network security problems for businesses. The security
capabilities and services include:

     - Management Systems Consulting to provide security health
     checks, assess security exposures and business risks, reengineer
     policies and processes, and design comprehensive security
     architectures;

     -  An Emergency Response Service for commercial business
     that provides preventive and emergency response to
     network infiltration;

     -  A Global Security Analysis Lab to assess the
     vulnerability of customers' networks and systems;

     -  Technology Design to tailor products such as encryption,
     digital signatures, and voice recognition to the existing
     I/T architecture;

     -  Technology Integration for actual customization and
     implementation of firewalls, information filters, and
     software conversions;

     -  Anti-Virus services for comprehensive virus detection and
     disinfection.

"Securing a company's information and technology assets is fundamental to
protecting its business," said Elisabeth Meriam, vice president, I/T
Consulting, IBM Consulting Group. "A company's use of new technologies,
such as open and shared networks, electronic commerce, and networked
computing, forces a new level of complexity on security management. It is
imperative that processes and technologies keep pace. IBM's I/T Security
Consulting practice is positioned to assist our clients in meeting this
challenge."

The first phase of consultation begins with a Security Health Check to
establish the nature and severity of security risks, and the cost of
exposure to compromised information assets. Types of hazards include
inaccessible information, information falling into the wrong hands, and
wrong information being used to make decisions.

After identifying critical information assets, and documenting the usage of
critical information and its location within the enterprise, IBM
consultants will work with customers to establish which information
requires protection, the types of security needed, how and where critical
information is used, and the owners of sensitive materials.

The second phase of consultation determines how information assets should
be protected. Management philosophy and assessment results act as guides
to modify or create enterprise-wide security policies and procedures. The
customized recommendation serves to address and protect information
systems, networks, physical assets, intellectual assets and personnel.
Recommendations are also made for security products and tools.

The third phase compares current security procedures to the recommended
security processes. Gaps are identified and recommendations are made on
closing these gaps and providing comprehensive security management. IBM
consultants offer overall project and transition management during this
phase.

In the fourth phase, the customer's security architecture is created or
modified to improve overall effectiveness and safety. The security
architecture can include product selection for Internet security,
electronic commerce and I/T systems and networks. This integration of
firewalls, information filters and customized hardware, software and
service solutions into the established system architecture provides a
common security framework across an organization. IBM's consultants manage
migrations and conversions to the system during this phase.

Emergency Response Team to the Rescue

Once a customer has implemented a network security solution, the system
needs to be maintained and tested regularly. In response to concerns about
network infiltrations, IBM has established an Emergency Response Service
for commercial business, chartered to provide swift, expert incident
management skills to clients during and after electronic security
emergencies. As part of IBM's services, the emergency response team
specializes in electronic disasters that affect data processing
capabilities, and is available to customers on a subscription basis.

This global service periodically checks customers' networks and can act as
an extension of clients' I/T staffs. IBM team members, who have extensive
incident management experience, develop an understanding of customers'
networks and system architectures, as well as how their firewalls are
configured and maintained. In the event of a break-in, the team helps
customers detect, isolate, contain and recover from unauthorized network
infiltration. They are on call 24 hours a day, seven days a week around
the world.

Level One, the first line of defense, is executed by IBM help desks and
control centers. Team members access an established IBM technical support
repository on problematic network interruptions, viruses and intrusions
that have occurred. Level One ascertains whether the customer is
experiencing a network, application, or communications problem. If a
customer's circumstance matches the profile of an incident in the IBM
database, Level One will advise callers how to alleviate the problem.
Should callers report that a system has been compromised, and there is no
match to prior incidents, they are referred to Level Two.

Level Two is a response to complicated breaches of security. Experts on
network hacking detect, isolate, contain and recover from problems.
Specific and detailed assistance is given to immediately stop or control
network break-ins. An example of a response might be to take afflicted
servers offline or modify gateway filtering. In the most critical
situations, clients are referred to Level Three.

Level Three, the last level of defense, is comprised of IBM's leading
experts in security and viruses. They are chartered to respond to the most
extreme cases of intrusion. Levels Two and Three also work closely with
the Global Security Analysis Lab to attack the integrity of customers'
networks to identify and repair weak links in the infrastructure.

The Global Security Analysis Lab

IBM is forming the Global Security Analysis Lab to build world-class
network and system security tools, and to provide assistance in the most
severe cases of infiltration. Based in IBM's Research labs in New York and
Zurich, these experts research advanced hacker techniques for the
Emergency Response team and develop security models that will enhance
IBM's security offerings and provide state-of-the-art solutions to
customers.

IBM experts also conduct preventive threat analysis for customers. Under
client authorization, IBM consultants will use the latest techniques to
attempt to crack customers' network connections via installed Internet
firewalls and connections to gain access to internal networks and systems.
Known hacking techniques will be utilized, as well as those acquired from
actual incidents, to probe for weak links in the system architecture.
Infiltration tests will be documented with weaknesses defined, and
recommendations on improving security will be made. Further infiltration
of host systems can be attempted as part of this service.

Anti-Virus Software and Services

IBM introduced a subscription-based anti-virus service for customers. IBM's
anti-virus software products will be available on the Internet via IBM's
AntiVirus home page and will include updated software and subscription
services for customers. The IBM AntiVirus home page is located at
http://www.brs.ibm.com/ibmav.html.

Currently, IBM AntiVirus software provides comprehensive virus detection
for over 6,000 known computer viruses. Available on DOS*, Windows*, OS/2
and NetWare, it is part of IBM's long-term I/T security commitment.
Developed at IBM's T.J. Watson Research center, these world-class
technologies will become continually more important to networks as new
viruses are developed daily, threatening to destroy information that is
unprotected.

New Resources for the I/T Security Manager

IBM also unveiled its I/T Security home page, located at
http://www.ibm.com/Security. The home page provides a range of valuable
information services on I/T security, including offerings on protecting
the enterprise, news on security issues, information on computer viruses,
and more.

Another resource for the I/T security manager is the latest edition of a
book called Securing the Open Client/Server Distributed Enterprise.
Originally published by IBM in 1993, the book quickly became known as the
authoritative security architecture manual of the industry, and a major
resource that enterprises have consulted for building integrity into their
I/T systems. The newest edition has been updated and extended to include
information on security pertaining to the Internet and the World Wide Web
(WWW).

Secure Web Servers and Browsers

Anchoring IBM's portfolio of security products and services are the IBM
Internet Connection secure Web browsers and servers for the OS/2 and AIX
platforms. They will offer customers security capabilities using the
industry standard protocols Secure HyperText Transfer Protocol (S-HTTP)
and Secure Sockets Layer (SSL). IBM Internet Connection Secure Server
provides several security methods for conducting commerce over the
Internet, including public key technology, data encryption and digital
signatures.

Today's announcements complement a wide range of I/T security offerings
already available from IBM -- from encryption hardware and software,
access control products, firewalls and security management and
administration, to DCE security services, IBM Global Network security
services and implementation services. Additional information on these
offerings can be found through the IBM I/T Security home page, accessible
through the IBM home page.

IBM's security products support the security component of the Open
Blueprint. A white paper with information about security in the Open
Blueprint will be available on June 16, 1995 on the Internet at URL
http://www.torolab.ibm.com/openblue/openblue.html as well as the newest
version of the Introduction to the Open Blueprint: A Guide to Distributed
Computing.

For more information about I/T security, and other products and services
from IBM, see the IBM home page on the World Wide Web, located at
http://www.ibm.com.

 ============================================================
 From the  'New Product News'  Electronic News Service on....
 AOL (Keyword = New Products) & Delphi (GO COMPUTING PRODUCT)
 ============================================================
 This information was processed from data provided by the 
 company or author mentioned. For additional details, please 
 contact them directly at the address/phone number indicated.
 All trademarks are the property of their respective owners.
 ============================================================
 All submissions for this service should be addressed to:
 BAKER ENTERPRISES,  20 Ferro Dr,  Sewell, NJ  08080  U.S.A.
 Email: RBakerPC (AOL/Delphi), rbakerpc@delphi.com (Internet)
 ============================================================
