Just over a month ago, IBM re-introduced a series of product and services crosscutting the Tivoli and Rational brands dealing with governance, risk, and compliance (GRC). While the initial spate of offerings, which for the most part re-badged existing products, it has one key missing piece: product that tracks compliance.
At the time, IBM stated that IT performance ranked ahead of compliance in the list of CIO concerns.
Now IBM is adding that piece. The new offering, Tivoli Compliance Insight Manager, builds around the Consul acquisition, which IBM closed in January. In essence, it takes Consul's capability for correlating user access patterns and broadening that out to cover a number of areas that Tivoli consoles monitor. It pulls data from log files without need for agents.
That covers areas like user account management, incident response, change management and others. Adapting the acquired Consul technology, which originated with retrieval of mainframe logs to discern patterns and anomalies, the tooling has been broadened to target activity distributed throughout different tiers, form network device to database, OS, applications, and control automation such as identity management systems.
Collecting the data, it is placed in a relational database and modelled using the m7 proprietary language for associating low level data with higher end service objects or events. They could routine events like password resets, which the system would analyse in aggregate to ferret out suspicious patterns that might reveal intrusions.
The initial release of Tivoli Compliance Insight Manager comes with integration hooks to identity management, access management, and the Tivoli CCMDB (change and configuration management database).
It comes with reporting capabilities, providing detailed breakdowns when a Tivoli Identity Manager or Tivoli Access Manager administrator or other privileged user changes the role or authorisation status of individual users. It reports who performed the actions and who are the users whose privileges have been changed in the system, and it comes with higher level graphical reporting tools that can ferret out longer term trends in compliance and budding anomalies.
Tivoli Compliance Insight Manager will be available globally on 6 July, 2007.
Having first announced its GRC offerings last month, we were surprised that this piece did not make the first cut. When we think compliance, our first thought is that we would want reports that illustrate if good or bad things are happening, and what is the trend.
However in the grand scheme of things, a month's delay in a rollout will make scant difference. And of course, the initial offerings targeting identity and access control compliance are likely to be the tip of the iceberg when it comes to reporting compliance.
IBM also has lots of pieces that for now provide individual slices of the picture, covering areas as varying as incident response and portfolio management.
But, as compliance is a many-splendored thing, do not expect one big picture or dashboard in the sky. But synthesising rationalized views of key performance indicators (KPIs) for compliance is likely to represent a rich opportunity for IBM Global Service engagements.