HP verknüpft Wissenschaft und Technologie zur Sicherheit im Internet miteinander

Moderne Sicherheitsbedrohungen sind so ausgeklügelt wie nie zuvor. Barrieren einzurichten und auf unbefugte Zugriffe zu reagieren, reicht nicht mehr aus, um kritische Systeme, Daten und Assets zu schützen.

HP verknüpft Wissenschaft und Technologie zur Sicherheit im Internet mit erstklassigen Services, Produkten und Lösungen. Wir bauen von Anfang Sicherheitsfunktionen ein, damit unsere Services nicht nur die Anforderungen der Kunden aus staatlichen Behörden im Hinblick auf moderne IT erfüllen, sondern diese auch beim Schutz ihrer Geschäftstätigkeit unterstützen.

Unser umfassendes und integriertes Konzept für die Sicherheit im Internet bietet Folgendes:

  • Agilität bei Steuerung und Kontrolle
  • Umfassende, automatisierte, situationsbezogene Erkenntnisse
  • Vorsprung vor potenziellen Eindringlingen
  • Unterstützung beim Erreichen der gesetzten Ziele

Unser Fokus liegt auf der Bereitstellung herausragender Serviceleistungen. Wir können dadurch Kunden in staatlichen Behörden und in Branchen mit sehr komplexen Umgebungen und kritischen Infrastrukturen hohe Sicherheitsanforderungen weltweit bieten.


Sicherheitsbedrohungen aus dem Internet sind real und nehmen zu
Die heutigen Versuche, in die Infrastruktur Ihres Unternehmens einzudringen, zeichnen sich durch ein höheres Maß an Raffinesse, Agilität, Komplexität und Koordination aus.

Mithilfe solch hochentwickelter und hartnäckiger Hackerangriffe, die häufig von kriminellen oder staatlicherseits mit Sanktionen belegten Unternehmen unterstützt und finanziert werden, sollen Ihre Informationen beschädigt, getrennt, gelöscht und gestohlen werden. Das Ziel ist, dass Sie Ihre Geschäftstätigkeit nicht mehr durchführen können.

Mit HP als strategischem Partner können Sie Risiken identifizieren und kontrollieren. Sie sind neuen Sicherheitsbedrohungen daher immer einen Schritt voraus.


Das HP Cybersecurity Services Framework
HP bietet eine Reihe von Services, die auf die IT-Sicherheitsanforderungen unserer Kunden im öffentlichen Sektor zugeschnitten sind – z. B. durch Unterstützung bei Konzeption, Implementierung oder Wartung der eigenen Sicherheitsumgebung, beim Outtasking bestimmter Funktionen für das Sicherheitsmanagement oder beim vollständigen Outsourcing der IT-Umgebung.


Application Security Services for U.S. Public Sector

Why is applications security important? Quite simply, because the applications layer is one of the weakest points in our security structure today. More than 70% of successful attacks happen in the applications environment. The blurring of the boundary between work and personal devices, and the citizens’ demand for ubiquitous services, is rapidly expanding the applications that public sector organizations must secure. And governments must still deliver services from old applications that were not designed for this new threat environment while adding new applications that put a premium on the users’ experience over security. Under these new threat and user profiles, public sector organizations need to rethink how they address applications security.

HP Applications Security services help clients improve software assurance by bridging the gap between traditional application development processes and modern security measures. We provide a full suite of applications security services including application testing—with security code review, vulnerability assessment and penetration testing, security consulting services and our Comprehensive Applications Security Analysis (CATA), which provides the ability to design security resilience into the applications architecture.

Gain the following from HP applications Security services:

  • Reduction in breaches and the costs associated with post-incident investigations and mitigation activities
  • Comprehensive services to secure your applications throughout their lifecycle, with a strong emphasis on proactive approaches that avoid rework cost
  • Leverage of proven expertise, security certifications, tools and techniques for securing your applications
  • Knowledge transfer from subject matter experts to provide training opportunities for your staff

Read more

HP stellt seit über 40 Jahren Lösungen für die Sicherheit im Internet bei staatlichen und kommerziellen Kunden bereit, z. B. in den Bereichen Finanzdienstleistungen, Versorgung, Transport und Gesundheitswesen. Wir haben einige der komplexesten Systemumgebungen weltweit entwickelt, integriert, betrieben und geschützt. Wir haben damit die Grundlagen dafür geschaffen, dass die Produktivität im Unternehmen sichergestellt, der Zugriff auf Informationen und deren Austausch geschützt und der Datenschutz für die Bürger gewährleistet ist.

HP Sicherheitslösungen werden mit äußerster Präzision entwickelt, damit sie Schutz vor Hackerangriffen bieten. Mithilfe unseres bewährten, integrierten Portfolios aus Sicherheitsservices für Behörden auf Bundes-, Landes- und Kommunalebene erhalten unsere Kunden die nötigen modernen, situationsbezogenen Erkenntnisse, um Risiken vermeiden und die Entscheidungsfindung bei IT-Investitionen erleichtern zu können.

Wir stellen Services für zwei der umfangreichsten und komplexesten Programme für Verteidigungsinfrastrukturen auf der ganzen Welt zur Verfügung – das U.S. Navy and Marine Corps Intranet (NMCI) und die UK Defense Information Infrastructure.

Sehen Sie sich das Video an, um mehr über das NMCI zu erfahren.

HP beschäftigt über 3.000 Experten für Sicherheits- und Datenschutzservices und bietet ein flexibel einsetzbares Sicherheitskonzept. Auf dieser Grundlage können wir Ihr Unternehmen bei der Umstellung von einem traditionellen, perimeterorientierten Schutz vor Sicherheitsbedrohungen und einem traditionellen Konzept zur Einhaltung regulatorischer Bestimmungen auf eine Systemumgebung unterstützen, die automatisiertes Risikomanagement und den sicheren Austausch kritischer Informationen ermöglicht.


Continuous Monitoring for U.S. Public Sector

Continuous Monitoring (CM) enables agencies to constantly assess their IT security risk posture from all levels of the organization. It provides current security and compliance insights in real-time, to help improve security situational awareness and make cost-effective risk-based decisions.


Maintain situational awareness during inevitable changes

The objective of Continuous Monitoring (CM) is to determine if the required architectural security control, implemented within your information systems, remains effective over time despite inevitable environmental and operational changes. Maintaining visibility into your hardware, software, firmware and threat space is increasingly important as operations continue to evolve. When CM is integrated along with policies and processes, you have a much stronger overall risk management process.

Agencies are responsible for implementing and maintaining individual Information Assurance (IA) programs to assess organizational compliance with laws, regulations, policies, etc. Until recently, these IA programs were based upon periodic checklists – a snapshot in time of your organization’s security posture. In today’s advanced persistent threat environment, this manual approach to compliance reporting does not meet senior leadership needs for timely, decision-quality information.

Today, with a CM service replacing the traditional checklist-based IA approach, you receive:

  • Continuous feedback on the effectiveness of your risk management activities and responses
  • Real-time identification of changes to your information systems and operational environments, and the correlation between those changes and how they affect your risk tolerance
  • Verification of compliance to legislation, executive orders, directives, policies and standards & guidelines
  • Reduced costs with system and application maintenance

Read more


Data Center Security for U.S. Public Sector

Data centers are increasingly becoming vulnerable to security threats. Since government data centers house critical information, agencies must ensure a secure data center infrastructure and citizen privacy in a cost-effective manner.

HP Data Center Security offerings consist of consulting and managed security services for providing security to data center infrastructure including servers, mainframes, storage, virtualized environments, and cloud computing environments. We help government agencies by strategizing cloud computing solutions that have solid value and can provide information security in line with organizational requirements.

With HP Data Center Security services, you can:

  • rotect intellectual property, private data, and your reputation
  • Avoid huge data breach costs
  • Lower deployment risk and costs
  • Minimize security vulnerabilities resulting from super user accounts, password settings, missing patches, incorrect configurations, and other potential vulnerabilities
  • Securely take advantage of cost and flexibility advantages of cloud computing

Read more


Data and Content Security Services for U.S. Public Sector

Federal, state, and local agencies are faced with increased government and industry cybersecurity regulations, increased cost of proving compliance with these regulations, and a lack of control and visibility of critical information.

Agencies increasingly depend on data and content security to:

  • Secure enterprise and client data
  • Avoid huge data breach costs
  • Prevent unauthorized viewing or alteration of critical, sensitive data
  • Avoid reception or distribution of inappropriate or dangerous data

HP Data and Content Security Services focus on encrypting data and/or filtering data content to help protect intellectual property of the government as well as its reputation. These data protection services also allow appropriate exchange of information and services internally and externally, manage and reduce complexity, and assist in demonstrating regulatory compliance while minimizing costs. Services may be delivered individually or as part of integrated solutions.


Read more


Endpoint Security Services for U.S. Public Sector

HP Endpoint Security Services assists governments to proactively avoid security incidents occurring at network endpoints such as servers, PCs, mobile devices, and printers. These services:

  • Protect against threats such as viruses, worms, malware, spyware, intrusions, malicious code, and unauthorized access
  • Ensure endpoint data loss prevention
  • Minimize the financial, operational, technical, legal, and public relations impact of a security incident
  • Use centralized configuration, standardization, and automation to replace manual security activities

HP's integrated services for endpoint network security:

  • Detect and quarantines 45 million malware annually
  • Support over two million mobile handheld subscribers

The HP endpoint security solutions include:

  • Endpoint Threat Management (EPTM)
  • Host Intrusion Detection Services/Host Intrusion Prevention Services (HIDS/HIPS)
  • System Hardening Services
  • Mobile Security Services
  • Image and Print Security Services

Read more

Endpoint Security Services - At-a-glance (PDF, 149 KB)


Identity and Access Management for U.S. Public Sector

Few challenges are more difficult for leaders in the public sector than delivering government services that rely on and are enabled by a secure environment that spans cyberspace and government facilities. Budget cuts continue and compliance regulations mount while security threats and the costs of identity fraud increase. HP can help.

HP’s Assured Identity is a highly scalable enterprise class solution that provides a comprehensive approach to the critical identity, credentialing and access management challenges facing its public sector clients. We bring deep experience in implementing identity management solutions in U.S. public sector organizations. We can integrate Assured Identity with your existing identity management investments and amplify the value of the services you provide to your constituents.

HP’s proven Assured Identity solution includes: Identity Management, Federation, Credential Management, Access Management and Audit and Reporting. It joins processes and technologies to assure identities—effectively and efficiently.

With HP Assured Identity, you can:

  • Improve citizen services, satisfaction levels and government responsiveness
  • Reduce costs associated with identity fraud and management of resources
  • Better protect against threats and unauthorized user access to applications, data and facilities
  • Improve efficiency of government business processes and enable sharing of resources
  • Maximize the use of resources in support of national security
  • Comply with HSPD-12, OMB M-11-11, FICAM Roadmap requirements
  • More easily meet regulations such as HIPAA

Read more


Network Security Services for U.S. Public Sector

HP offers a comprehensive suite of services that enable clients to protect sensitive network resources. These network security services deliver secure solutions—from design and deployment to monitoring and maintenance—to provide:

  • Proactive threat detection
  • Superior security analysis
  • Prioritized network operations responses
  • Data security
  • Regulatory security compliance

Our secure network services include Network Security Assessments, Network Security Services, and Managed Network Security Services.

HP has proven experience in developing and implementing network security solutions that help government agencies meet the challenges of the 21st century as we:

  • Collect, store and process 3.5 billion events daily - writing and storing over 24.7 terabytes of event data monthly
  • Secure more than 1 million applications & 2.6 billion lines of code for clients
  • Support more than 3.8 million smartcards, 1.3 million tokens, 13 certificate authorities, 59 million usernames & passwords
  • Detect and quarantine 45 million malware annually

Read more


Risk Management and Services for U.S. Public Sector

HP provides a set of security risk management and compliance services to:

  • Identify vulnerabilities and threats
  • Quantify and manage risk in line with mission objectives
  • Define appropriate security controls and governance
  • Support compliance requirements
  • Train personnel in security awareness
  • Reduce complexity
  • Minimize costs

Our risk management and compliance services:

  • Allow for prioritization of security investments based on identified risks and an organization's risk tolerance
  • Provide a basis for reducing complexity and cutting costs through integration of controls and elimination of redundant controls
  • Provide a means to redirect security and compliance investments from over-investment areas to under-investment areas
  • Ensure compliance to mandates including Sarbanes-Oxley, PCI DSS, HIPAA, Basel II, EU DPD, FISMA, and frameworks/standards such as ISO 27001/27002, CoBIT, and NIST
  • Maintain and improve risk management in the face of IT, personnel, and business process changes

Read more


Security Operations for U.S. Public Sector

HP Security Operations services help minimize government agency security vulnerabilities resulting from:

  • Super-user accounts
  • Password settings
  • Missing security patches
  • Incorrect security configurations
  • Other potential security operations vulnerabilities

Our security operations services add value to government agencies by:

  • Proactively avoiding security incidents
  • Consolidating the monitoring, logging, correlation, mitigation, reporting, and handling of security events
  • Providing a unified means of viewing and handling security
  • Managing complexity of the millions of security events occurring daily
  • Correlating events to determine issues of significance and root cause
  • Handling significant security events through a process of escalation, triage, technical assistance, and executive notification
  • Providing an archive of security events that is required for compliance and forensics

HP has more than 40 years of experience in delivering managed security services and more than 20 years of delivering IT security operations consulting.


Read more

For information on HP’s Cybersecurity Solutions for U.S. Public Sector:

A-DA-D
E-LE-L
M-RM-R
S-ZS-Z