If there’s one thing that can strike terror into a CIO’s heart, it’s the security implications of the cloud. If there’s another, it’s the “bring your own” technology trend. Combine the two, and you have the motivation behind IBM’s new Cloud Security Enforcer.
Thanks to having set up and used a private email server while U.S. Secretary of State, Hillary Clinton has become a poster child for “shadow IT,” or the phenomenon by which employees bring their own technologies into the workplace — but there’s no denying its prevalence. One-third of Fortune 1000 employees share and upload corporate data on third-party cloud apps, according to a recent IBM Security study. One in four link to cloud apps using a corporate log-in and password.
Cloud computing shares resources never shared before, creating new risks and demanding new security practices. Learn those new security measures from Cloud Security Digital Spotlight PDF special report. | Also on InfoWorld:Mobile app development in the cloud | Stay up on the cloud with InfoWorld’sCloud Computing newsletter.
Announced Tuesday, Cloud Security Enforcer aims to help companies safeguard the increasing use of “bring your own” cloud-based apps at work. It combines cloud identity management, also known as Identity-as-a-Service, with the ability to discover any outside apps employees are using, including those on their mobile devices. Equipped with those combined capabilities, it enables companies to make access more secure, IBM said.
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
Hosted on IBM Cloud, the tool can scan a corporate network, find the apps employees are using, and provide a more secure way to access them. Four core capabilities help make that happen.
First, companies can detect unauthorized cloud app usage, enabling them to identify and securely configure the apps that employees want to use as well as manage, view, and direct how employees can use them.
Cloud Security Enforcer can also be used to determine and enforce which data owned by an organization can or cannot be shared by employees via specific third-party cloud apps.
The tool can connect employees to third-party cloud apps through security-focused connectors, including automatically assigning sophisticated passwords. That, in turn, can help alleviate security breaches caused by human error, IBM said.
Finally, Cloud Security Enforcer can also help protect against employee-induced and cloud-based threats by analyzing real-time threat data from IBM’s global X-Force Exchange threat intelligence network, which scans the Internet and analyzes more than 20 billion global security events daily.
IBM has built connectors for Cloud Security Enforcer into Box’s cloud-based content management and collaboration platform as well as Microsoft Office 365, Google Apps, Salesforce.com, and other popular enterprise software. Pricing information was not immediately available.
Date: September 22, 2015