IBM PureApplication ™ System Encryption

1. IBM PureApplication™ System Encryption

2. Today’s CIO’s Challenges: • Consolidate and Simplify the Infrastructure • Cybersecurity • Access • Integrity • Control • Privacy-Consumer Data Protection • Confidentiality • Intellectual Property Protection • Theft Prevention • Compliance • Supporting a multitude of differing EU & North American Consumer Privacy, Financial and Healthcare Regulations • Private & Public Cloud Enablement • Foreign Government and/or Corporate Espionage • AND….Reduce Costs!!

3. Costs of Cybercrime • From the Ponemon Institute • (conducts independent research on privacy, data protection and information security policy) • Interviews with 60 large U.S. Companies: • Average annualized cost of Cybercrime rose 26% in 2013 to $11.6 million per company • Loss or theft of information • Disruption of Business Operations • Revenue Loss • Destruction of property, plant and equipment • Detection, Investigation, Incident Response, Containment Recovery • Average 122 successful attacks per week, up 18% from 2012 • Invest in Adequate Cybersecurity Resources • Monitor systems for early detection • “Many attacks are subtle, stealthy and probably will beat your system” Solutions – Bringing Costs Down

4. Worldwide Regulatory Environment No single standard for “what/how much to encrypt” Best Practice:ENCRYPT ALL DATA!

5. Customer Environments Geographic Redundant Data Centers & Communications • Enterprise Characteristics • East / West or NY / Jersey (Financial Markets) • Real Time or Delayed Take-over depending on Cost Parameters • Multi-Nationals require Business Recovery • Fully Operational Facilities, not stand-by “cold” environments • SMB Characteristics • Meet HIPPA ex: Doctor’s Office • Solve Compliance Issue • Provide Secure Entry Level High Availability Solution Redundant Equipment Configurations • Reduce Op-Ex via • Vendor Standardization • Repeatable Configuration • Deployment & Operational Guidelines • Remote Management from a single Control Center • High Data Availability via Data Replication (acceptable lag/transaction loss)

6. SPx (SecureParser) Encryption Pattern Differentiators • SPx is an OEM IBM Part Number (D10N0LL), not an ISV third party solution • Provably Secure Data at Rest Protection • FIPs 140-2 Certified • AES 256; HIPPA and FISMA data compliance at start up • No External Key Management System • No additional Cost • No additional Personnel • Integrated with the PureApps Management System • Scales with the PureApps System • Software only • 2 clicks, 1 drag and drop to secure any directory • Virtually NO System Overhead Tax • <8% CPU utilization for encryption, randomization and authentication of the data (most software encryption solutions require up to 30% additional CPU utilization) • No additional storage requirement with SPx encryption • Enables Secure Multitenancy for Enterprise Environments • Consolidate and optimize the Infrastructure without compromising privacy and confidentiality

7. Encryption Solution Decision Maker Criteria Decision Maker’s Criteria: CIO : Regulatory i.e. SARBOX, HIPPA, Provably Secure CFO’s : Costs Cap-Ex & Op-Ex(3) CTO’s : Meeting Internal Customer Requirements Operations: Solution Time to Operation & Complexity of Support

8. Encryption Feature Comparison IBM, NetApp and EMC

9. Case Study #1: Encryption Solution Pricing* for SAN (FCoE) • None of these comparisons account for any additional gap with respect to scalability e.g. additional competitive equipment due to scaling not accounted for. • Prices are MSRP • Pricing for Hardware and Software only. Does not include additional administrative and operational requirements for the NetApp and EMC solution.

10. Case Study #1: Encryption Solution Components