HP helps clients manage security operations

New services optimise IT investment decisions, balance security risks and costs.

Johannesburg, 15 Sep 2011

HP today announced new services that will help clients manage their security environments, and drive security transformation programs with flexible sourcing models.

Many enterprises are struggling with a siloed approach to IT management, which includes security operations and controls. This limited view across the security environment increases the threat of viruses, and makes it difficult to measure the value of security initiatives aligned to business strategy.

HP Information Security Management (ISM) offers a combination of people, processes, methodologies and tools to manage security policies and processes.

This comprehensive approach helps to facilitate IT investment decisions and minimise risks. In conjunction with HP Labs, the company's central research facility, HP ISM incorporates advanced modelling techniques that drive rigorous, tested security strategies to improve a client's overall security position.

“As the number of threats to infrastructure and applications continues to increase, organisations need to have a robust information security program in place that helps CIOs make the right decisions regarding investments in security controls,” said Ashton Steyn, Chief Technology Officer and Alliance Executive, Enterprise Services South Africa.

“We put all of the security information our clients need right at their fingertips, so they can react instantly as their organisations evolve.”

Security information management

HP ISM integrated services support the development and management of a transparent security infrastructure that enables clients to improve operational efficiencies and reduce costs.

HP ISM leverages HP Secure Boardroom, which delivers a comprehensive view of the overall security environment, including details of specific security controls, via an online portal. Greater insight and actionable information enables executives and CIOs to rapidly develop effective enterprise security strategies that are aligned to reducing business risk.

Providing a holistic view of security functions, coupled with consolidated compliance information across operational IT services, suppliers and infrastructure, HP Secure Boardroom streamlines information security management.

Security event management

Cyber attacks grow more frequent and complex each day, generating vast amounts of potentially harmful data across networks, servers and other devices.

HP Security Information and Event Management (SIEM) services use advanced technologies in the newly announced HP ArcSight Express 3.0 to rapidly collect, log, sort and filter relevant security events, enabling clients to identify and protect systems against threats.

HP SIEM services also generate predefined reports, enabling clients to demonstrate compliance with policies and regulations.

HP Enterprise Cloud Service (ECS) - End Point Threat Management protects desktops, laptops and servers against viruses, malware, spyware and intrusions.

Available as a pay-per-use model, it uses current, centrally managed virus and malware definitions to block unauthorised communication and prevent installation of unwanted programs. The service requires no software or hardware investments, and can be easily tailored to a client's existing security policy for rapid return on investment.

Application security management

Many companies focus on protecting their networks, infrastructure and data centres with physical security and firewalls. However, an application that sits behind the corporate firewall in a secure data centre is still not safe from attacks.

New research conducted on behalf of HP demonstrates that executives rank applications as the third most dangerous vulnerability to their organisations, behind platform and network vulnerabilities (1).

HP Application Security Testing-as-a-Service combines HP's security testing expertise with software tools, processes and best practices to identify and close security vulnerabilities in the application layer. Code scanning and Web penetration services are delivered using HP Fortify Static Code Analyser and HP WebInspect, key components of the new HP Fortify Software Security Centre suite.

The as a service model reduces risk, time and investment needed to deliver software security assurance.

More information about HP's full enterprise security capabilities is available at

HP's premier client event, HP DISCOVER, takes place from 29 November to 1 December, in Vienna, Austria. The event showcases how organisations can get started on their Instant-On Enterprise journeys.



HP creates new possibilities for technology to have a meaningful impact on people, businesses, governments and society. The world's largest technology company, HP brings together a portfolio that spans printing, personal computing, software, services and IT infrastructure at the convergence of the cloud and connectivity, creating seamless, secure, context-aware experiences for a connected world. More information about HP (NYSE: HPQ) is available at

(1) “HP Research: Enterprise Risk, “Coleman Parkes Research Ltd., July 2011

This news advisory contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialise or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance or market share relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include macroeconomic and geopolitical trends and events; the competitive pressures faced by HP's businesses; the development and transition of new products and services (and the enhancement of existing products and services) to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its customers, suppliers and partners; the achievement of expected operational and financial results; and other risks that are described in HP's Quarterly Report on Form 10-Q for the fiscal quarter ended April 30, 2011 and HP's other filings with the Securities and Exchange Commission, including but not limited to HP's Annual Report on Form 10-K for the fiscal year ended October 31, 2010. HP assumes no obligation and does not intend to update these forward-looking statements.

(c) 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Editorial contacts