Systems Management

1
Systems Management
Luke Simmons Luke.Simmons_at_us.ibm.com
2
What is Systems Management?

• Enablement software for Business Applications.
• (It is the Business Application for the IT
  Business Unit)
• Mitigates Risk and increases resource
  availability.
• Processes as well as tools.

The Business Application for IT
3
Systems Management Functions

• Performance Availability
• Business success dependent on IT availability
• Integrated best practices for rapid ROI
• Improve ROI with predictive service level
  management

• Change Configuration Management
• Life Cycle management
• Reduce costs
• Gain automated control
• Improve efficiencies

BusinessImpactManagement
Performance Availability
Change Configuration
Core Services
Security
Storage

• Storage
• Continuance through policy-based automation
• Backup recover information assets
• Enhance business continuity
• Accelerate ROI
• Simplify storage management

• Security
• Align e-business
• and security
• Mitigate risks
• Consistently enforce policies
• Reduce administration costs

4
Performance Availability Concerns

• Growth in the number of managed resources.
• Vs. relative stability of IT Staffing and
  Budgets.
• Complexity of large business applications.
• Visibility and Cost.
• Web-based Applications
• Problems affect REAL customers.
• Increasing Importance of IT to the Business.
• Meeting Service Level Agreements.

5
Goal Show Impact to Business Owners
6
Monitoring e-business Resources

• Identify, localize, and cure at the resource
  level
• Health console shows status of each resource
• Automate corrective actions at the source of the
  problem
• Notify central operations as needed
• Increase the availability of e-business
  infrastructure

7
Management Layers
Business Impact Management cross discipline
analysis, predict, optimize, analyze, account,
report

• Top Level Shows Overall Impact in the context of
  a business application.
• The bottom layer collects the data and takes
  automated action.
• The Middle Layer has the intelligence to take
  action based on multiple events.

Event Correlation and Automation Cross system
domain root cause analysis
Monitor Systems and Applications Discover,
collect metrics, probe (e.g. user experience),
perform local analysis, filter, concentrate,
determine root cause, take automated action
8
The Security Landscape

• Automated Identity Management
• Consistent Access Control
• Privacy Policy Enforcement
• Security Impact Management

9
Two Questions
Do you know who has access to what systems in
your organization?
How long does it take you to find this out?
10
The Problem Space
11
Manual Provisioning

• Today most organizations use manual processes to
  provision user access rights

New Users

• There are many barriers to successful
  provisioning

12
Automated Identity Management

• Automatically provision of user access rights
• Enable user self-service password management
• Delegate administrative responsibility as needed
• Automate identity change management and approval
  process

Automated approval workflow
Change/Suspend
Security Admin
Delegate to local administration
Identity Manager
Collect/Detect Local Changes
Sources of User Information
!
13
Access Management Enables Web Initiatives

• Authenticates Users
• Authorizes Access to Secured Resources
• Provides Single Sign On (SSO) to multiple
  business applications.
• Eliminates Application Specific security models
• Faster deployment and increased revenue

Log-in request
Access Management
Users (inc. wireless)
User authenticated and authorized
14
Security Impact Management
15
July 6, 2002 Free Prozac in the Junk Mail Draws
a Lawsuit By Adam Liptak FORT LAUDERDALE, Fla.,
July 3 The unsolicited Prozac arrived in a
hand-addressed manila envelope. It came from a
Walgreens drugstore not far from here, and there
was a "Dear Patient" form letter inside.
Eckerd Reaches Settlement Over Its Marketing
Practices Dow Jones Newswires Updated July 10,
2002 J.C. Penney Co.'s Eckerd division agreed to
change its marketing policy in a settlement with
the Florida attorney general's office over
complaints that the drugstore chain had violated
patient-privacy laws.
16
Privacy Management Issues

• Manage and Audit privacy policy compliance
• Enforce privacy policies consistently
• Business Drivers
• Lower operational cost through automation
• Comply with Business Policy for auditing purposes
• Maintain customer base and reputation
• Regulation
• Privacy Policy Compliance Audit

• California county opts-in for tougher privacy law
• AUGUST 16, 2002
• WASHINGTON -- In what may be more evidence of
  an emerging national backlash against "opt-out"
  financial privacy laws, California's San Mateo
  County this month approved a law requiring banks
  to get customer permission before sharing their
  data with third parties.
• The federal Gramm-Leach-Bliley law allows
  financial services groups to share customer data
  unless the customer says no. But the law allowed
  states to seta tougher standard, by first
  requiring customer consent or "opt-in." And
  that's what's been happening in other locales. In
  June, voters in North Dakota overwhelmingly voted
  to tighten financial privacy laws. Vermont
  officials have imposed similar restrictions.

17
Privacy Flow
Data Store
18
Widgets.com Privacy Policy
19
Break Down the Policy Into Key Concepts
From the human-readable policy, start identifying
the Groups, Purposes and PII types
Sharing of information with third-parties
Partners When you buy something from us we may
share your name and mailing address with a few
carefully selected marketing partners, except for
our customers who reside in the states of Vermont
and California. When you place your order you
will be given a clearly labeled opportunity to
opt out of sharing this information. We will
never share any telephone numbers, e-mail
addresses, or financial information you have
given us with any marketing partners. Credit
card companies and Shippers When you buy
something from us we send your credit card
information, name, billing address, and the
amount of your purchase to your credit card
company to verify and authorize your purchase.
Your name, telephone number, and shipping
information must be provided to third party
shippers to deliver your purchase.
In this policy, the Groups are given in
generalized terms, as us and we.
20
Creating Policy Rules From the Key Concepts
After identifying the basic pieces of the policy
statements, we can start to form the policy
statements. We can break the text down into 3-4
policy statements that need to be a part of the
privacy policy we want to implement into Privacy
Manager.
Widget's Billing Department will use credit card
and address information to charge your credit
card for the purchases you made. Widget's
Shipping Department will use your address
information to ship your order. If you opt-in,
Widget's Shipping Department will use your e-mail
address to notify you of your order's shipment
status. Widget's Marketing Department will share
your name and mailing address with selected
marketing partners unless you opt out or if you
live in Vermont or California.
Were now ready to build the policy in Privacy
Manager.. Note EPA Privacy Agreements
Framework can be used to generate these rules as
well.
21
Thank You!Questions?
22
Industry Standard Definition

• Information Technology Information Library (ITIL)
• Defines Systems Management as a set of
  Deliverable Services
• For more information see
• http//www.itil.co.uk

23
ITIL/ITSM Descriptions

• Service Delivery
• Availability Management - Design, implement,
  manage and optimize the availability and use of
  IT services by customers in accordance with
  levels defined and authorized within Service
  level agreements.
• Capacity Management - Ensure IT has sufficient
  resources to meet the defined service
  requirements of the business user community, now
  and in the future, at an optimal an agreed cost.
• Continuity Management - Ensure the continuance of
  defined business operations by minimizing the
  effects of unexpected disruption to, or stoppage
  of IT services.
• Financial Management - Ensure the balance between
  capacity and cost is maintained by identifying
  all costs necessary to provide services to the
  business, and establish a fair means by which an
  agreed percentage is recovered.
• Service Level Management - Negotiation,
  definition, agreement and management of the
  quality, quantity and cost of information
  services in terms understood by the customer and
  measurable by the provider.
• Service Support
• Change Management - Manage the cost effective
  implementation, with minimum risk, of approved
  changes to IT infrastructure components that
  support IT services.
• Configuration Management - Identification,
  control, status accounting, relationship
  management and verification of IT infrastructure
  components.
• Release Management  - Plan, design, build,
  configure and test a release consisting of
  related changes to hardware and software
  components to the production environment in a
  risk free manner.
• Incident Management - Ensure the continuity of
  services by resolving incidents as soon as
  possible, while being the main contact point for
  all questions, complaints or remarks regarding IT
  services.
• Problem Management - Identification, management
  and elimination of problem causes, minimization
  of incidents and stabilization of IT services.

http//www.itil.co.uk/
24
Measurable Productivity Improvements
Customer
Large Financial Services Provider
Need

• Automate the administration of user access rights
  for 65,000 users
• Manage security of access privileges across 100s
  of systems
• Insure security policy enforced across enterprise
  in an auditable fashion for regulation compliance
• Ensure that all private data is adequately
  protected

Automated Identity Management
Solution

• Same staff now manages 3X the user population
• Centralized reporting to insure regulatory
  compliance

Result
25
Return on investment
Large Insurance Company
Customer
Bulletproof availability
Need
Solution
Performance and Availability Management

• 3.4 million ROI in eight months
• Cut outages by 31
• Cut downtime by 40
• Expect to save 40 million in five years

Results
26

Return on investment
Computer Equipment Manufacturer
Customer
Manage large, complex, distributed e-business
infrastructure
Need
Performance and Availability Management
Solution
Results

• Availability of Easy Access online business
  consumer application has increased 4, with each
  percent increase tied to almost 150 million in
  revenue

27
Predictive/proactive today
Customer
Large Consulting Company
Increased effectiveness of applications on the
web with a single sign-on across multiple Web
environments
Need
Solution
Access Management
Result

• Provides single secure sign-on functionality
• Automated identity management across legacy and
  Web environments
• Single security model for Web environments
• Reduced monthly identity administration cost by
  75K
• Reduced time to provision accounts from days to
  less than 5 minutes