Securing the Data Center

Download PDF
0 downloads 181 Views 225KB Size Report
Comment
specialists in charge of the data center. Lenovo® is committed to helping ... Facilities validated by a Tier 3 U.S. Cus
SECURING THE DATA CENTER AGAINST AN EVOLVING THREATSCAPE

LENOVO-OWNED MANUFACTURING Once designed and sourced, Lenovo products are manufactured by Lenovo-badged employees inside Lenovo-owned facilities.

• Facilities validated by a Tier 3 U.S. Customs and Border Patrol

Lenovo: Your Trusted Security Partner



C-TPAT certification

• Developed with code that is compiled, stored, signed, and tested

THE BIG CONCERN Technology empowers businesses to improve both the reach and impact of their work — but those rewards carry risks. More users, more information, and shifting regulatory requirements present a huge challenge to the IT specialists in charge of the data center. Lenovo® is committed to helping our customers with solutions that move their business forward while keeping users, information, and assets secure.

The average consolidated total cost of a data breach is

$3.8 million

1

BUILDING PRODUCTS AND SERVICES YOU CAN TRUST Protecting businesses against rapidly evolving security threats is about more than just the technology. Lenovo takes a comprehensive, holistic approach to security to address this through secure server and storage product development, carefully managed manufacturing, a trusted supplier list, and a responsive internal security organization.

by carefully screened Lenovo employees across U.S.-based networks and in labs secured to U.S. government standards

• Manufactured and tested inside facilities protected by state-of-the-

art physical and electronic defenses

LENOVO SECURITY OFFICE AND PRODUCT SECURITY INCIDENT RESPONSE TEAM Through our Lenovo Security Office and Product Security Incident Response Team (PSIRT), we maximize our own internal information security and focus on helping our customers manage their unique technology needs and risks. Our Chief Security Officer, Gerald R. Fralick, was hired due to his extensive experience helping leading businesses and government agencies respond to the realities of today’s cyber threats. He leads the Lenovo Security Office charged with strengthening corporate information security and compliance by:

• Ensuring policies and processes are based on prevailing

international standards, including ISO 27000 and government guidance on data security and privacy (NIST, the EU)

• Continuously monitoring and reporting on compliance

SECURE PRODUCT AND FIRMWARE DEVELOPMENT



We integrate security into product development from the start, ensuring our technology is always up to the challenge of keeping your information protected. All of our products are:

• Reporting to both Lenovo and government executives through

• Created to the highest government and industry security standards

including NIST, FIPS, TCG, and EU directives



with risk-control frameworks independent committees

Additionally, our Product Security Incident Response Team works with customers to identify potential new threats to our technology and creates response and mitigation plans.

• Made for Trusted Platform Assurance that secures from the chip level up

• Responds to incoming information about potential threats

• Developed using a Secure Firmware/Software Development

• Collaborates with customers to develop risk remediation plans



Lifecycle process

• Designed and architected in the U.S.

• Publishes and updates Lenovo Product Security Advisories

to our customers and partners

• Secured by firmware designed and embedded by U.S. engineers TRUSTED SUPPLIER LIST

THE LENOVO DIFFERENCE

We match our secure product design with certified, industry-standard components and features sourced across a trusted network of suppliers that ensures:

Optimizing your business with technology creates new opportunities and risks. Rely on Lenovo’s comprehensive solutions portfolio and data center hardware powered by Intel® Xeon® processors to bring strength and simplicity to your most important security challenges. We build for security from the ground up, giving you more ways to compute with confidence.

• All our business partners meet our high ethical and security standards

for business and are carefully audited, assessed, and managed

• Each and every component is carefully verified for quality and

then tracked in real-time across the manufacturing process

• An inherited trusted supplier list (TSL) from IBM 1. Ponemon Institute LLC. (2015). 2015 Cost of Data Breach Study: Impact of Business and Continuity Management. Web.

Intel® Inside. Powerful Solution Outside.

© 2015 Lenovo. All rights reserved. Lenovo is not responsible for photographic or typographic errors. Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo. Intel, the Intel Logo, and Xeon are trademarks of Intel Corporation in the U.S. and/or other countries. All other trademarks are the property of their respective owners. Version 1.00, December 2015

For more information on Lenovo security contact your Lenovo business partner.