IBM Adds Security To Its IT Services Menu With ISS Buy
The deal lets IBM offer security services as part of a more complete outsourcing package.
Last week at McIntosh's, a clubby steak house popular with the executive set in Charlotte, N.C., IBM services chief Mike Daniels was looking to close a deal with a customer who has several million dollars to spend. In addition to footing the bill for a couple of prime filets, Daniels was able to throw in an appetizer--earlier in the day, he signed off on an agreement to acquire Internet Security Systems for $1.3 billion, adding an enticing range of new security offerings to his own menu of tech services.
ISS is largely a software company, but it's moving into IBM's $47 billion Global Services division, not the software group. That's because IBM wants to sell middleware that keeps finicky business apps like those from Oracle and Siebel running smoothly, and it also wants to operate, host, and maintain that middleware for customers. IBM's betting that adding a layer of security services will make its outsourcing offerings more appealing.
Libenson looks to unload some work.
Photo by James Leynese
Ingersoll-Rand CIO Barry Libenson, Daniels' dining companion that evening, says he just might go for it. The company, which makes Bobcat construction vehicles and other industrial equipment, pays a small staff to do nothing but monitor its networks for signs of hackers, worms, and other threats. Turning the job over to IBM would cut labor costs and provide access to top-notch pros that Libenson says are in short supply. Part of Daniels' pitch between courses: "We'd have the guys that created the technology managing it and running it on our behalf," Libenson says.
ISS's offerings include its Proventia network protection software and RealSecure server security system. IBM says the products complement its Tivoli security and infrastructure management products, which focus primarily on end-point security such as user authentication. IBM hasn't decided whether it will continue to sell ISS's security software and appliances as standalone products carrying the ISS brand.
Most big security vendors offer standalone products that lack a strong services component. They could take a hit if customers decide they'd rather let IBM monitor and defend their networks. Given the growing complexity of the threats, there's a good chance the market will turn in that direction, says Jon Oltsik, an analyst at the Enterprise Strategy Group. "Companies are looking to outsource security, and it's just the tip of the iceberg," he says. And specialized sellers of managed security services also could find themselves outflanked because they lack IBM's full range of IT services offerings. Few businesses want a different outsourcer for each task.
Ingersoll-Rand protects its networks with technology from Cisco Systems that it maintains in-house. But Libenson is intrigued by IBM's plans for security services. "It would be nice not to have to have five guys on staff for that and have security be a component of our broader outsourcing relationships," he says.
Through a spate of recent acquisitions and internal development, IBM is compiling a stable of software that it plans to use to automate and remotely manage many mundane but vital IT tasks--network monitoring, server administration, desktop provisioning, and the like--that keep many tech staffers busy and cost businesses millions in overhead and salaries.
It's a services push, but IBM's software unit is a key part of the plan. For years, the group has existed as a silo within the company, churning out products primarily designed for customers to buy and use in-house. Now its focus has shifted to building systems that can be deployed as a service, on demand and remotely manageable. "They're doing a lot of things that traditionally would have been implemented as software by the customer and moving it to an on-demand type service," says Cindy Shaw, an analyst at investment bank Moors & Cabot.
To that end, IBM is designing more of its software with a services environment in mind. "The services business is solving problems for customers and they're using our software assets to do that," says Deborah Magid, director of strategy for IBM's venture capital group. "There's a lot more cross-talk" between IBM groups, she says.
Software that automates processes and is delivered as a service sounds simple, but IBM says the market for such "information on demand" technology will reach $69 billion by 2009. Security will be a big part of that.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.