Get Ready for Syncsort's New Best-of-Breed Security Solution

Partner Update:
Introducing Assure Security
Becky Hjellming
Senior Director, Product Marketing
Jeff Uehling
Product Management Director

• Security opportunity
• Syncsort’s security strategy
• Introducing Assure Security
• Assure Security rollout plans
• Enablement resources
• Q&A
Topics for Today’s Call
2
Syncsort Confidential –
For Syncsort Staff and Partners Only

Security and Cloud computing
were reported as the top two IT
priorities for the coming year
(42% and 35%, respectively).
Security Is Our Customer’s #1 Priority
Note that respondents were asked for their top 5
priorities so figures will not total to 100%.
Security
Cloud computing
Application upgrades
High availability / disaster recovery
Hardware refresh
Data governance
IT workflow automation
Modernizing internal applications
Reduced IT spending
Big data projects
Document management
Change control
AI / machine learning
Virtualization
Mobile access
BYOD policies
Storage refresh
Expanding visibility into applications/systems across the…
Predictive analytics
Implementing IoT
Outsourcing projects
I don’t know
Other (please specify)
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
What are your organization’s top 5 overall IT priorities for the coming year?
Source: Syncsort’s IT Security Survey, 4Q2018
4

Growing Regulatory Complexity in
Top 3 Security Challenges
What are your organization’s top 3 security-related challenges?
Adoption of cloud services
Growing complexity of regulations
Insufficient IT security staffing
Increase in sophistication of attacks
Data becoming increasingly distributed
Securing data from new internal/external sources
Insufficient IT security budget
Inadequate end-user security training
Increased network complexity
Ransomware
Lack of an enterprise-wide, 360-degree view of security threats
Inadequate IT security staff training
Increase in number of attacks
Internet of Things/connected devices
Identity and access management
Inadequate tools
Threats attributed to mobile device adoption
Growth of non-sanctioned IT (Shadow IT)
Lack of management support for security efforts
Line of business owned by departments other than IT
Inadequate security-related policies
None
I don’t know
0% 5% 10% 15% 20% 25% 30%
Note that respondents were asked for their top
3 priorities so figures will not total to 100.
20% of respondents said that they
anticipate increased regulatory
complexity as a security challenge
this coming year.
17% noted an increase in
sophisticated of attacked.
5

Compliance Drives IT Security Initiatives
GDPR (General Data Protection Regulation)
HIPAA (Health Insurance Portability and Accountability Act)
SOX (Sarbanes-Oxley – including JSOX, CSOX, etc.)
PCI DSS (Payment Card Industry Data Security Standard)
NIST 800-53 (National Institute of Standards and Technology Security and Privacy Controls)
FISMA (Federal Information Security Management Act)
HITECH (Health Information Technology for Economic and Clinical Health)
STIGs (Security Technical Implementation Guides)
Basel II / Basel III (regulatory framework for banks)
GLBA (Gramm-Leach-Bliley Act)
FERPA (Family Educational Rights & Privacy Act)
23 NYCRR 500 (New York Financial Services Department Cybersecurity Regulation)
None
Don’t know
0% 5% 10% 15% 20% 25% 30% 35% 40%
What regulations must your organization adhere to? Choose all that apply.
Note this was a select all that apply question so
responses will not total to 100%.
• Organizations are subject to a
variety of regulations
• Some are subject to multiple
regulations
• GDPR is a global concern
6

Regulations Call for
Layers of Security
Sarbanes–Oxley Act
Enacted July 30, 2002
United States federal law
Sets requirements for U.S. public companies.
Certain provisions apply to private companies
Requires corporates to assess the
effectiveness of internal controls and report
this assessment annually to the SEC.
Any review of internal controls would not be
complete without addressing controls around
information security including
• Security Policy
• Security Standards
• Access and Authentication
• Network Security
• Monitoring
• Segregation of Duties
Payment Card Industry Data
Security Standard (PCI DSS)
V1 released on December 15, 2004
Information security standard for
organizations that handle branded credit
cards from the major card schemes.
Created to increase controls around
cardholder data to reduce credit card fraud.
Validation of compliance is required annually
Requires security practices including
• Firewalls
• Password security
• Cardholder data protection
• Encryption of data in motion
• Monitoring of network and data access
• Regular security testing
Health Insurance Portability
and Accountability Act
Originally enacted August 21, 1996
Establishes national standards for electronic
health care transactions and national
identifiers for providers, health insurance
plans, and employers.
Requires security practices such as
• Access control
• Electronic healthcare information
protection
• Protection of data in motion
• Monitoring of system access
• Policies for reporting breaches
7

General Data Protection
Regulation (GDPR)
Enforcement date: 25 May 2018
Regulation in European Union law on data
protection and privacy for all individuals
within the European Union (EU) and the
European Economic Area (EEA)
Applies to all organizations doing business
with EU citizens
Aims primarily to provide protection and
control over their personal data to citizens
and residents, including
• Access control
• Sensitive data protection
• Restricted user privileges
• System activity logging
• Risk assessments
New York Dept. of Financial
Services Cybersecurity Regulation
NYS 23 NYCRR 500
Enforcement date: February 15, 2018
Requires banks, insurance companies, and
other financial services institutions to
establish and maintain a cybersecurity
program designed to protect consumers
Ensures the safety and soundness of New
York State's financial services industry.
Requirements protect the confidentiality,
integrity and availability of information
systems, including
• Risk assessments
• Restricted user privileges
• Automatic logouts
• Antivirus
• Multi-factor authentication
• System activity logging
8
Regulations Call for
Layers of Security

Businesses Plan to Invest in Security
Internal staffing/skills
Compliance auditing and reporting
Malware protection
Data encryption
Virus protection
Patch management
3rd party resources/outsourcing
Configuration change management
Security training for company personnel
Identity management
Intrusion detection and prevention systems
Privileged user management
Database access logging
Secure file transfer
User authentication / two factor authentication
Encryption key management
Data change logging
SIEM solution (security information and event management…
Standardized network configurations and monitoring
Self-service password reset
Predictive analytics
AI/Machine learning
Command line control
None
Don’t know
0% 5% 10% 15% 20% 25% 30% 35% 40%
In the coming year, what security measures will your organization invest in?
Choose all that apply.
IBM i Insights
34% of respondents reported that
they will invest in Internal
staffing/skills in the coming year.
Compliance auditing & reporting and
Malware protection each received
more than 25% response.
Note this was a select all that apply question so
responses will not total to 100%.
9

Syncsort’s security survey revealed mixed results regarding companies’
security environments. Survey findings could be viewed as a glass-half-full
or half-empty scenario, depending upon your perspective.
• 85% are either very or somewhat confident in their security programs.
However, 70% are only somewhat confident or less.
• A significant number of professionals had experienced security breaches.
Many discovered them in less than a day, although some took many
months to detect.
• No breach response metrics were met by 50% of respondents.
• The majority of companies perform security audits only once per year,
although more than half of IBM i respondents audit more frequently.
• Organizations largely lean on internal staff for security and for audits.
Accordingly, many—but not all—are investing in staffing and training.
Survey Conclusions
10

• Our customers’ #1 priority is Security!
• Our customers are impacted by increasing levels of
cybersecurity regulation
• Customers need guidance on how to meet their security
and compliance goals
• Customers need more resources to held them implement
security and compliance measures
• As partners, we have the ability to sell new security
products and services!
Our Opportunity
11

Syncsort’s
Security Strategy

Current Security Brands and Products
Syncsort, through acquisition, has had 4 Security brands
• Cilasoft, Alliance (Townsend), Enforcive and Quick (Trader’s)
Across those 4 brands, we have been selling ~35 different
Security products
• Cilasoft (Controler, QJRN, EAM, RAMI, DVM, Central)
• Alliance (AES/400, Token Manager, FTP Manager, LogAgent,
2FA + 6 legacy products)
• Enforcive (SRA, Enterprise (many capabilities), Cross Platform Audit,
Cross Platform Compliance, Enforcive for Z, Password Self-Service,
AIX Security)
• Quick (Quick-CSI, Quick-Anonymizer)
Each Product, within each Brand, solves a very
unique security use case
13

Syncsort’s Security Portfolio in 2018
Syncsort Security
Cilasoft
QJRN/400
QJRN Database & QJRN System
CONTROLER
EAM
RAMi
CENTRAL
Alliance
Alliance
AES/400
Townsend’s Alliance
Key Manager
Alliance Token
Manager
Alliance
FTP Manager
Alliance
LogAgent Suite
Alliance Two Factor
Authentication
Enforcive
Enterprise Security Suite
Security Risk Assessment
Cross-Platform Audit
Cross-Platform Compliance
Password Self-Service
AIX Security
Quick
Quick-CSi
Quick-Anonymizer
Additional Alliance products
• XML/400
• CrossData/400
• Electronic Data Interchange (EDI)
• TCP Toolkit
• Serial Connect
• PGP for z
14

Introducing Assure Security
Complete IBM i Security and Compliance
Assure Security includes
• Best of breed IBM i security capabilities acquired from Cilasoft
and Townsend Security
• A common package for new installs and upgrades
• A common monitoring console with Syncsort’s HA products
• Support for UI location in English, French and Spanish
For Cilasoft and Townsend customers, Assure Security
• Is the next generation product
• Seamlessly supports current capabilities (or more)
• Makes it easier for customers to adopt
new security capabilities
15
MILESTONES
• NOW – Controlled GA
• April 8 – Marketing Launch
• May 2019 – GA (subject to change)

Enforcive Long Term Directions
Directions for Enforcive products
• Enforcive customers on maintenance continue to be fully supported
• Enforcive products keep the Enforcive branding they have today
• Incremental, customer-driven enhancements will continue to be delivered
• Unique capabilities will be added to Assure Security as appropriate over time
• The intent is to provide a seamless migration path from Enforcive into Assure Security
to keep customers whole
Position Enforcive products today for
• Active Enforcive opportunities
• New opportunities that include
• Additional licenses/features for an existing Enforcive customer
• A strong brand preference for Enforcive
• Need for a feature offered in Enforcive but not Assure Security
• Cross-platform security requirements satisfied by Enforcive
16

Enforcive and Quick Enhancements
Release Plans
• Enforcive Enterprise Security Suite (IBM i)
• ~Quarterly Service Packs
• Fixes and enhancements
• Enforcive (AIX & Cross-Platform)
• Monthly Service Packs
• Fixes and enhancements
• Alliance Products (not in Assure Security)
and Quick-CSi
• ONLY fixes or enhancements approved by PM
Enforcive
Enterprise
Security Suite
Cross-Platform
Audit
Cross-Platform
Compliance
Password
Self-Service
AIX Security
Quick
Quick-CSi
Quick-Anonymizer
17

2019 Focus Sales Play:
Sell Assure Security
Segment Security
Products sold under
this play
• Assure Security
• Assure Security bundles
• Assure Security licensed features
Description • Sell Assure Security to current customers and greenfield opportunities and as a competitive replacement
Focus Use Cases • Focus use cases are listed below. Other use cases will also be available in Assure Security to satisfy
additional customer requirements.
• Encryption of sensitive data fields (with key management by Townsend as preferred key manager)
• Access control for ensuring only authorized users can access systems and data
• Multi-factor authentication to strengthen login security
• Security auditing and monitoring of system and database activity
18

2019 Security Base Business:
Sell Products Other than Assure Security
Segment Security
Products sold under
this play
• Townsend products not yet in Assure Security (moving into Assure Security first)
• Enforcive products except Security Risk Assessment (in Assure Security)
• Quick-CSi
Description • Sell Syncsort security products that have not been released as part of Assure Security.
Notes • Examples include –
• AIX security and auditing
• Cross-platform auditing and compliance
• Quick-CSi sales to customers who need to send logs/traces to SQL Server
• Expansion of existing licenses (with Syncsort rep approval)
19

The best-of-breed brands
acquired by Syncsort
are coming together
in Assure Security!
21
Assure Security
Assure
Data Privacy
Assure Encryption
Assure Secure File
Transfer
Assure Monitoring
and Reporting
Assure Db2 Data
Monitor
Assure
Access Control
Assure System Access
Manager
Assure Elevated
Authority Manager
Assure Multi-Factor
Authentication
Security Risk
Assessment
Assure Compliance
Monitoring

Mapping to Prior Products & Packaging
22
Assure Security
NEW!
Assure
Data Privacy
NEW BUNDLE
Assure Encryption
(Alliance AES/400 and
Alliance Token Manager)
Assure Secure File
Transfer
(Alliance FTP Manager)
Assure Monitoring
and Reporting
(Cilasoft QJRN/400)
Assure Db2 Data
Monitor
(Cilasoft DVM)
Assure
Access Control
NEW BUNDLE
Assure System Access
Manager
(Cilasoft CONTROLER)
Assure Elevated
Authority Manager
(Cilasoft EAM)
Assure Multi-Factor
Authentication
(Cilasoft RAMi)
Security Risk
Assessment
(FULL TOOL FREE)
Assure Compliance
Monitoring
NEW BUNDLE

• Assure Security is the primary go-to-market offering
• Three key bundles are the secondary GTM offerings
• Each bundle contains licensable features which can
be sold individually in order to:
• Address competitive situations
• Address one-off opportunities that only exist for
specific features
• Address narrowly defined customer use cases
Tiered Go-To-Market Offerings
Assure Security
Assure
Data Privacy
Assure Encryption
Assure Secure File
Transfer
Assure Compliance
Monitoring
Assure Monitoring
and Reporting
Assure Db2 Data
Monitor
Assure
Access Control
Assure System
Access Manager
Assure Elevated
Authority Manager
Assure Multi-Factor
Authentication
Content targeted for GA
23

Individually
Licensable Features
Features in the
Data Privacy Bundle
• Assure Encryption
• Assure Secure File Transfer
• PGP option for Assure Secure File Transfer
Features in the
Compliance Monitoring Bundle
• Assure Monitoring and Reporting
• System Module
• Database Module
• System and Database Bundle
• SIEM Add-On
• Assure Db2 Data Monitor
• Assure Core Distribution Services
Features in the
Access Control Bundle
• Assure System Access Manager
• Assure Elevated Authority Manager
• Assure Multi-Factor Authentication
24

Assure Security’s
Marketing-Leading Capabilities

Compliance Monitoring
Gain visibility into all
security activity on your IBM i
and optionally feed it to an
enterprise console
Data Privacy
Protect the privacy of data at-rest
or in-motion to prevent data
breaches
Access Control
Ensure comprehensive control of
system and data access and the
ability to trace any activity,
suspicious or otherwise
Security Risk Assessment
Assess your security threats
and vulnerabilities
26
Assure Security
addresses the issues on every
security officer and IBM i
administrator’s radar screen

Multi-Factor
Authentication
Strengthen login security by
requiring multiple forms of
authentication
Elevated Authority
Management
Automatically elevate user
authority as-needed and on a
time-limited basis and track
elevated activity
Access Control
Secure all points of entry into to
your system including network
access, database access,
command line access and more
Assure
Access Control
27

Assure System
Access Manager
Comprehensive control of
external and internal access
• Network access (FTP, ODBC, JDBC, OLE
DB, DDM, DRDA, NetServer, etc.)
• Communication port access (using ports,
IP addresses, sockets - covers SSH, SFTP,
SMTP, etc.)
• Database access (open-source protocols -
JSON, Node.js, Python, Ruby, etc.)
• Command access
Powerful, flexible and easy to
manage
• Easy to use graphical interface
• Standard configuration provided for out-
of-the-box deployment
• Powerful, flexible rules for controlling
access based on conditions such as
date/time, user profile settings, IP
addresses, etc.
• Simulation mode for testing rules without
impact to the users
• Provides alerts and produces reports
• Logs access data for SIEM integration
Secures IBM i systems and
enables regulatory compliance
• Supports regulatory requirements for SOX,
GDPR, PCI-DSS, HIPAA, and others
• Satisfies security officers by securing
access to IBM i systems and data
• Significantly reduces the time and cost of
achieving regulatory compliance
• Enables implementation of security best
practices
• Quickly detects security incidents so you
can efficiently remediate them
• Has low impact on system performance
28

Complete, automated control
of elevated user authorities
• Administrators can manually grant user’s
requests or rules can be configured to
automatically manage them
• Rules can be defined for source and target
profiles based on group profiles,
supplemental groups, user lists and more
• Rules determine the context in which
authority can be granted, such as time of
date, job name, IP address and more
• *SWAP or *ADOPT methods are supported
to elevate authority
• Handles processes connecting via ODBC,
JDBC, DRDA and FTP
• Monitors elevated users and duration of
elevation from GUI or 5250 displays
• Maintains an audit trail of elevated
activity using job logs, screen captures,
exit points and journals
• An option is available to simply log user
activity without changing authorities
• Produces alerts on events such as
exceeding authorized time
• Generates reports in a variety of formats
• Allows integration with ticketing systems
Enables regulatory compliance
and security best practice
• Generates an audit trail of actions by
elevated profiles for compliance auditors
• Makes it easy to manage requests for
elevated authority on demand
• Enforces segregation of duties
• Satisfies security officers by reducing the
number of powerful profiles and
maintaining a comprehensive audit trail
• Produces necessary alerts and reports
• Significantly reduces security exposures
caused by human error
• Reduces risk of unauthorized access to
sensitive data
Comprehensive monitoring of
elevated profiles
Assure Elevated
Authority Manager
29

Assure Multi-Factor
Authentication
Full-featured multi-factor
authentication for IBM i
• Enables you to require two or more
factors for authentication:
• Something the user knows
• Something the user has
• Something the user “is”
• Relies on codes from authentication
services delivered via mobile device,
email, hardware token, etc.
• Enables self-service profile re-
enablement and self-service password
changes
• Supports the Four Eyes Principle for
supervised changes
• RSA certified (See DOC-92160
on RSA’s community site)
Powerful, flexible deployment
options
• Allows multi-factor authentication to be
enabled only for specific users or situations
• Rules engine makes it easy to configure
when multi-factor authentication is used
• Supports multiple authenticators
• Free Syncsort authenticator
• RADIUS-based servers
• RSA SecureID (on-prem or cloud)
• Options to initiate from the 5250 signon
screen or on-demand (manually or from a
program)
• Options for multi-factor or two-step
authentication
Strengthens login security and
enables compliance
• Adds an authentication layer above and
beyond memorized or written passwords
• Reduces potential for the cost and
consequences of data theft and
unauthorized access to systems and
applications
• Lowers risk of an unauthorized user
guessing or finding another user’s
password
• Addresses regulatory requirements and
recommendations in PCI DSS 3.2, NYDFS
Cybersecurity Regulation, Swift Alliance
Access, GLBA/FFIEC, and more
30

Secure File Transfer
Securely transfer files across
internal or external networks
using encryption
Tokenization
Remove sensitive data from a
server by replacing it with
substitute values that can be used
to retrieve the original data
Encryption
Transform human-readable
database fields into unreadable
cypher text using industry-
certified encryption & key
management solutions
Assure Data
Privacy
31

Assure
Encryption
The only NIST-certified solution
for IBM i encryption
• Automatic encryption for Db2 data using
IBM i Field Procedures (IBM i 7.1 or greater)
• AES encryption algorithms are optimized for
performance
• Built-in masking of decrypted data
based on user or group
• Built-in data access auditing
• Includes encryption commands for Save
Files, IFS, and much more
• Extensive encryption APIs for RPG & COBOL
• Easily addresses issues of encrypted indexes
in legacy RPG programs
• Includes tokenization to replace sensitive
data with substitute values or “tokens”
Supports multiple key
management options
• Encryption keys must be protected since
encryption algorithms are public
• Compliance regulations require proper
key management
• Assure Security supports multiple key
management options
• Local key store provided
• Built to integrate with Townsend
Security’s FIPS 140-2 compliant
Alliance Key Manager, available as:
• VMware appliance
• Hardware Security Module (HSM)
• Cloud HSM (AWS, Azure)
• Other OASIS KMIP compliant key
management solutions
• Encrypts data without impacting
applications
• Protects data from unauthorized access by
internal staff, contractors and business
partners – as well as criminal intruders
• Meets requirements of regulations that
mandate sensitive data protection such as
HIPAA/HITECH, PCI-DSS, state privacy laws
and more
• Builds your customer’s confidence in doing
business with you through NIST validation
32

Assure Secure
File Transfer
Secures data transferred with
trading partners or customers
• Secures data moving across internal or
external networks by encrypting it before
transfer & decrypting it at the destination
• Encrypts any file type including Db2
database files, flat files, IFS files, Save
Files, and spooled files
• Supports common transfer protocols
• Secure Shell (SSH SFTP)
• Secure FTP (SSL FTPS)
• Records all encryption and file transfer
activity to meet compliance requirements
• Offers a PGP option to encrypt data at the
source and destination location
• PGP encrypted files can be received from
any other system including Windows,
Linux, and UNIX
Enables centralized
management and automation
• Automatically enforces data protection
with centrally managed policies
• Intelligently negotiates firewalls
• Configurable in a hub-and-spoke
configuration to automatically manage all
your file transfer needs
• Provides email, SNMP, message
notifications and alerts
• Supports email confirmation of transfer
with distribution list
• Provides APIs and commands for
integration with RPG, COBOL applications
and CL programs
• Supports encrypted ZIP and PDF
• Protects data from being seen in clear text
when transferred across networks
• Meets requirements of regulations such as
PCI, HIPAA and others that require
encrypted transfer and logging of transfer
activity
• PGP option provides cross-platform,
standards-based encryption that works
with all other PGP solutions
33

SIEM Integration
Integrate IBM i security data with
data from other platforms by
transferring it to a Security
Information and Event
Management console
System & Database
Auditing
Simplify analysis of IBM i journals
to monitor for security incidents
and generate reports and alerts
Assure
Compliance
Monitoring
Db2 Data Monitoring
Monitor for views of sensitive
Db2 data and optionally block
data from view
34

Assure Monitoring
and Reporting
35
Comprehensive monitoring of
system and database activity
• Simplifies the process of analyzing complex
journals
• Monitoring for system and database
changes available separately or together
• Powerful query engine with extensive
filtering enables identification of deviations
from compliance or security best practice
• Out-of-the-box, customizable models
supplied for common ERP solutions and
GDPR compliance
• Application modifications not required
Produces clear, easy-to-read
alerts and reports
• Provides security and compliance event
alerts via e-mail popup or syslog
• Enables easy creation of customized reports
that can be generated continuously, on a
schedule or on-demand
• Supports multiple report formats including
PDF, XLS, CSV and PF formats
• Distributes reports via SMTP, FTP or IFS
• Add-on available to send security data to
SIEM consoles such as IBM Qradar, ArcSight,
LogRhythm, LogPoint, and Netwrix
• Integration of security data into Splunk for
security monitoring or IT operations
analytics available via Syncsort’s Ironstream
product family
Benefits of monitoring and for
compliance & security
• Quick identification of security incidents
and compliance deviations
• Monitors the security best practices you
have implemented
• Enables meeting regulatory requirements
for GDPR, SOX, PCI DSS, HIPAA and others
• Satisfies requirements for a journal-based
audit trail
• Provides real segregation of duties and
enforces the independence of auditors

Assure Db2
Data Monitor
Gives you complete control
over sensitive data access
• Monitors Db2 data to inform you of who
has viewed sensitive records in a file,
when and how
• Rich set of rules enable fine tuning of
read-access detection and alerts (e.g.
specific access of a specific file)
• No need to change existing applications
• Generates reports in multiple formats and
real-time alerts
• Blocking mode prevents users from
reading specified information in a file
• Simulation mode available for testing
rules to ensure blocking doesn’t disrupt
normal activities before deployment
Produces clear, targeted
reports on data views
• Reports could show on views of:
• Manager salaries
• Medical data
• Credit information
• Reports can include information on how
data was accessed, such as:
• IP address
• Current user
• Call stack
• And more
• Specify only the fields you need to see in a
report, not the entire record, to keeps your
confidential data truly confidential
Meets even the most stringent
compliance and security needs
• Meets the most stringent regulatory
requirements for confidential data
• Reduces the risk of accidental data
disclosure
• Deters illicit or criminal activity
36

Security Risk
Assessment Service
Let Syncsort’s team of security
experts conduct a thorough risk
assessment and provide a report
with remediation guidance
Security Risk
Assessment Tool
Thoroughly check all aspects of
IBM i security and obtain detailed
reports and recommendations
Risk
Assessment
37

Security Risk
Assessment
What It Is
• A security risk assessment is a thorough
check of all aspects of system security,
including (but not limited to):
• Security settings in the OS
• Default passwords
• Disabled users
• Command line users
• Distribution of powerful users
• Library authorities
• Open ports
• OS exit points
• Risk assessments tools or services
provide detailed reports on findings,
explanations and recommendations for
remediation
• Assessment summary for non-technical
management summarizes findings
Benefits
• Helps to satisfy the requirement for
annual risk assessments found in
regulations such as PCI DSS and HIPAA
• Results in reports that inform
management and administrators about
security vulnerabilities and remedies
• Saves time by automating (tool) or
offloading (service) the process of
conducting as assessment
• Using a service or tool that encapsulates
extensive experience can fill skillset gaps
• Provides separation of duties between
administrator and auditor
38

• New graphical dashboard will provide a view
of status across all Assure products
• MIMIX for IBM i 9.0.9 (released January 24)
• Quick-EDD/HA coming soon
• Assure Security at GA
New Enterprise Monitor
• Delivered as a VSP portlet, but uses its own email-based
communication method
• Ideal for monitoring status for:
• Users who could not use VSP due to firewall issues
• Users with access restrictions that prevented VSP use
• Products that don’t yet have VSP interfaces
39

Assure Security delivers innovative capabilities that lead the
market in multiple facets of security:
✓ Comprehensive control of both legacy and modern IBM i system
access points
✓ NIST-certified encryption, including integration with FIPS-
compliant, off-platform key management from Townsend Security
✓ Powerful, flexible multi-factor authentication with RSA certification
✓ Unique and innovative new solution for monitoring views of highly
confidential data
✓ Ability to forward IBM i security data to leading SIEM solutions,
including QRadar certification
✓ Integration with Syncsort HA solutions via monitoring dashboard
and failover scripting
Assure Security Advantages
40

Assure Security is in Controlled General Availability
• Product has been tested and is ready for use in production environments
• Features will be added in monthly releases up to General Availability
• Customers must upgrade to the GA release
When can I sell Assure Security?
• You can tell the Assure Security story today
• Customers who purchase Assure Security now, but need features to be
delivered in a subsequent CGA release, will receive existing products that
will seamlessly upgrade to GA
Where do I find the pricing and packaging?
• You can sell the whole suite, feature bundles or individual features
• Pricing is available for subscription and perpetual license options
• Subscription is the lead pricing model for Assure Security
Selling Assure Security
42
MILESTONES
• NOW - Controlled GA 1
• Security Risk Assessment
• Cilasoft modules in one install
• Controlled GA Follow-Ons
• Townsend modules added
• Marketing Launch – April 8
• GA – May 2019
• All planned functionality
(subject to change)

• As part of the rollout of Assure Security, Syncsort will stop marketing the
Cilasoft and Alliance branded modules that are being rebranded and
repackaged as Assure Security.
• April 8, 2019
• Cilasoft and Alliance products removed from website navigation
• Resources remain on the site, but pages will point to Assure Security
• Delivery of sales enablement resources on the partner portal will end
• This does not impact support of the products. Current products continue
to be supported.
• Sales of Cilasoft and Alliance products currently in the pipeline will be
accepted for a period of time.
Sales and Marketing Transition
43

Security Services
from Syncsort

Flexible services offerings for security
• Security risk assessment
• Quick start services
• Quick check services
• Security update services (installing hot fixes, PTFs, new releases, etc.)
• System update services (ensuring security solution is properly configured
after system changes to IP addresses, OS versions, etc.)
• Auditor assist (supporting internal or external auditors)
• Managed security services
• A la carte consulting
Leverage Syncsort’s team of seasoned security experts!
Global Professional Services
Add Value to Your Investment
45

Managed Security Services
Protect your business with the highest levels of security
through Syncsort’s exclusive Managed Security Services.
Let the experts in Syncsort’s Global Services team handle
monitoring, optimization, software updates and auditing
of your security solution so that staff can focus on other
IT priorities.
• Reduce the chances of a security breach or
compliance violation
• Free your IT staff to work on other important projects
• Benefit from the vast experience of Syncsort experts
• Enjoy the latest security features through automated
software updates
• Choose the level that meets your needs
Receive all of the Gold Level services plus Daily Monitoring
of your Syncsort Security solution which includes Intrusion
Detection and we provide auditor assistance services.
PLATINUM
We conduct daily monitoring of your security settings,
manage your security configuration, and provide weekly
status reports. Plus, we’ll install hot fixes of your Syncsort
Security solution, PTFs and version upgrades.
GOLD
Our experts perform security health checks every day,
review the findings, and make approved adjustments as
needed providing a weekly report.
SILVER
We double check your security environment daily and
provide a monthly report on the health of your security
settings.
BRONZE
46

Customer Training
Customer training courses for Assure Security
will be available in
Summer 2019
47

Assure Security
Sales Enablement

Assure Security
Enablement Plan
Getting Started
Get your foundational sales knowledge
by taking L100 Assure Security Training
on the Partner Portal. Content
includes:
• Introduction to Assure Security
• Security Monitoring and Reporting
• Encryption
• Secure File Transfer
• Access Control
• Multi-Factor Authentication
• Elevated Authority Management
Coming Soon:
• Db2 Data Monitoring
Foundational Sales
Knowledge
eLearning
Sales Play Campaign Kit
Marketing Assets
Level 200 Training: Coming
Summer 2019
Level 300 Training: Coming
Summer 2019
Workshop on Request
through Syncsort Account
Executive1
2
3.
3
49

Assure Security Sales Education
Accessing L100 Sales Training
Start here by selecting Syncsort
University L100 to the complete your
Sales Training. The first time you try to
access, you will be asked to confirm.
Each time thereafter Single Sign On will
take you straight in.
50
Questions?
Debbie Shingler,
Partner Enablement Manager
debbie.shingler@syncsort.com

Search for Content
Use the search box to quickly
find assets by name or
keywords
Filters
Use filters for Topic, Product,
and Asset Type to quickly
locate materials of interest.
Resources
Go to the Resources are for
sales tools and marketing
assets
Assure Security Sales & Marketing Assets
51

Sales Reference Guides
Available Now
• Sales Reference Guide: Monitoring and Reporting
• Sales Reference Guide: Access Control
• Sales Reference Guide: Multi-Factor Authentication
• Sales Reference Guide: Elevated Authority Management
• Sales Reference Guide: Encryption
• Sales Reference Guide: Secure File Transfer
Coming at Launch
• Sales Reference Guide: Security Risk Assessment
• Sales Reference Guide: Db2 Data Monitor
52

Presentations
Available Now
• Assure Security Sales Overview
Coming at Launch
• Access Control
• Multi-Factor Authentication
• Elevated Authority Management
• Data Privacy
• Reporting and Monitoring
• Managed Security Services
53

Data Sheets
Available Now
• Assure Security
Coming at Launch
• Assure Security Risk Assessment
• Assure Multi-Factor Authentication
• Assure Elevated Authority Manager
• Assure System Access Manager
• Assure Encryption
• Assure Secure File Transfer
• Assure Reporting and Monitoring
• Assure Db2 Data Monitor
54

White Papers and eBooks
Support Assure Security Today
• “Causes and Effects of Data Breaches”
• “The Essential Layers of IBM i Security”
• “Five IT Security Best Practices Derived from 23 NYCRR 500”
• “Four Powerful Ways to Use Exit Points to Secure IBM i Access”
• “Multi-Factor Authentication for IBM i”
• “Encryption, Tokenization, and Anonymization for IBM i”
Refreshed Papers Coming at Launch
• “GDPR and IBM i Security”
• “The Essential Guide to Secure File Transfers”
• “IBM i Encryption with FieldProc and Assure Encryption”
• “The Ultimate Guide to IBM i Machine Data”
55

Webinars
The New Assure Security:
Complete IBM i Compliance and Security
• Customer webinar
• April 18, 11AM Eastern Time
• Speak to your Syncsort marketing manager if
you are interested in sharing the invitation with
your customers or prospects
56

Recap
• Syncsort is delivering on its best-of-breed convergence strategy
• Continuing enhancements to Enforcive products
• Assure Security is in Controlled GA
• Watch for April 8 announcement and May GA
• Assure Security positions you for success selling a complete IBM i
compliance and security solution or meeting specific needs
• Sales training is available online today
• Sales and marketing assets are in progress
• Security is the #1 priority of IBM i IT professionals
58
Syncsort Confidential - For Staff and Partners Only
Do Not Copy or Distribute

Get Ready for Syncsort's New Best-of-Breed Security Solution

Get Ready for Syncsort's New Best-of-Breed Security Solution

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Get Ready for Syncsort's New Best-of-Breed Security Solution

Similar a Get Ready for Syncsort's New Best-of-Breed Security Solution (20)

Más de Precisely

Más de Precisely (20)

Último

Último (20)

Get Ready for Syncsort's New Best-of-Breed Security Solution