IBM software bundle targets retail theft, data breaches

IBM is targeting retail security with a package of software and services designed to prevent physical loss of merchandise, protect against electronic threats and comply with credit card industry regulations.

SecureStore, announced Wednesday, combines surveillance and RFID systems with software that protects online and in-store transactions, as well as software that protects databases and applications from network-based threats, IBM said. While SecureStore mainly consists of pre-released products from IBM divisions such as Internet Security Systems (ISS), Tivoli and Rational, Big Blue’s Val Rahmani says it is unique in that it brings together products from various parts of IBM to address one industry segment, and re-architects the products so they fit together and are optimized for retail.

“Retail is at the forefront of all the breaches,” Rahmani, general manger of ISS, said at an IBM security event in Boston Wednesday.

IBM also used the event to pitch its identity management software to HP customers. HP this year said it will stop selling identity management products to new customers and struck a deal with Novell to migrate its customers to Novell’s identity and security management products. Now IBM is trying to grab some of that business by offering migration services and “competitive migration pricing” for HP customers who switch to IBM software such as Tivoli Identity Manager and Tivoli Access Manager.

IBM officials also spoke about how they are embedding security into products across the company’s software lines. Rather than selling only separate security products, the idea is to build antivirus, firewall, identity management and other types of features into products like Lotus Notes, WebSphere and Enterprise Content Management, said IBM software chief Steve Mills.

“The ingredient of security is essential to all the technologies we deliver,” Mills said. “Thousands of IBM programmers are working on a lot of [security] features across our portfolio.”

With SecureStore, Rahmani said IBM is responding to complaints from retailers that it is difficult and costly to comply with industry regulations and prevent theft from both employees and outsiders. Through ISS, IBM is providing assessments to determine compliance with the Payment Card Industry Data Security Standard (PCI DSS).

For in-store security, IBM offers RFID systems and Smart Surveillance software that analyzes surveillance video to uncover potential theft. SecureStore brings together capabilities from ISS, Rational and Tivoli to protect database and applications from malware, viruses and other network-based threats. Finally, SecureStore offers software utilizing a service-oriented architecture to secure electronic transactions both on the Internet and inside stores, IBM said.

SecureStore is available now. The software can be purchased by itself or as part of a services engagement.