The PC business at Hewlett-Packard Co. (NYSE: HPQ) might not know where it's headed, but the enterprise business does. HP wants to provide an end-to-end security framework built around filling the gaps between existing security solutions.
HP Enterprise Security Solutions rolled out more than a dozen products and services Monday targeting threats and potential liabilities resulting from the rise of mobile services, cloud computing, and social media. (See: Is Social Networking Increasing Cyberthreats?)
"Some of these are products, and some are services related to the cloud," Rebecca Lawson, director of worldwide cloud service initiatives for HP, said in a phone interview. "What we have done is recast our portfolio into a framework that eases customers' posture from what it is today to where they need to go."
HP research finds that companies are becoming more vulnerable to hackers as they expand their horizons through mobile applications and social networking.
"What we are seeing in both our internal and third-party research is the current approach to security is not working well," Lawson said. "Mobility and the enterprise are coalescing and causing a lot of vulnerabilities that are being managed through a patchwork of legacy systems. Most enterprises have been adding security measures as an afterthought. Hackers are smart, and they know how to exploit the fact that many products and systems were not designed to work together. So our portfolio has been designed to help solve those problems."
HP has pulled together the capabilities of its ArcSight, Fortify, and TippingPoint businesses as the foundation of a unified approach to enterprise security. Within big organizations, security systems have evolved into disparate silos that address the specific needs within a division -- finance may focus on transactional security, while operations focuses on facilities management. "When we take executives from across all disciplines and put them in one room, they all have the same problem, but no driver that helps them plot a roadmap to create an end-to-end plan for securing all information assets," Lawson says.
HP's Enterprise Security Discovery Workshop (PDF) brings executives together to identify such gaps, she said. "All these companies have a lot of security, but they don't think about whether there are holes between the systems. We help them take what they have and make it work together."
Though EDI systems are not specifically targeted in the latest rollout, HP provides products and services such as encrypted key management. Industry experts expect the supply chain to increasingly move functions such as EDI to the cloud as a low-cost alternative to these largely proprietary protocols. (See: Managing Business Relationships in the Cloud.)
Lawson says companies must take the view that every external link contributes to or detracts from the overall security of the enterprise. "It's all about raising the awareness that the technology is there. It's putting the right things in place, plugging security holes, and making the right security decisions."