When IBM announced in 2011 that it would buy Q1 Labs, a leader in the "security intelligence" realm, it also launched its Security Systems Division, which sought to build on the acquisition to develop a wider range of security intelligence services.

The threat of information breaches is as pressing as ever. While external threats get most of the media attention, executives ought to be keenly aware that insider threats are just as pressing. IBM’s Security Systems Division recently launched its "Security Role and Policy Modeler," which provides a sophisticated approach to managing employee can access to critical information.

eWeek explains: “In most organizations, IT staff relies on various user management tools to assign employees roles, often based on their department or job titles, that define what applications or databases they are allowed to access and what they can't…Security Role and Policy Modeler looks at existing applications, such as Salesforce.com, Oracle Finance and Active Directory, among others, and detects how many permissions each user has. The users are then grouped into roles based on the access permissions they have, and then assigned a ‘blanket’ scheme reflecting the privileges they already have. The roles aren't based on the job title or description, but on what is actually in place.”

The new approach, according to IBM, allows companies to efficiently collect, clean up, correlate, certify and report on identity and access configurations. As a side note, it’s rare when a company can launch a product borne from basic research, which is where this one came from. 

For more:
- here’s the article

Related articles:
IBM wins patent securities pricing
IBM security unit rises at right time
IBM buys Q1 Labs, forms new security division