“We decided to take a completely different approach to shadow IT than any company had yet taken before, and innovate around the trend of shadow IT in a whole new way," Barlow said. "Our idea behind Cloud Security Enforcer is to change the conversation between employees and their IT and security teams – so that there is no more arguing about whether or not they can use a certain app. We want to turn corporate IT teams into ‘Yes Men’ with Cloud Security Enforcer.”
For example, an employee could use their personal email to set up an account on a third-party, file-sharing cloud app, to which they would then upload their team’s sales contacts in order to see them on their mobile device. While this unapproved use would give the employee flexible access to this data, it presents a major challenge if the person decided to take another position at a competitor. Although they would no longer have access to the data and networks monitored by their former employer’s IT team, they would still have visibility into the data uploaded into that app – presenting a potentially tremendous competitive problem.
“With the innovation that we’re bringing to the table today, we’re showing the value in third-party cloud apps in terms of convenience and productivity for employees with secure access, total visibility and management for companies," Barlow said.
Hosted on IBM Cloud, IBM’s new Cloud Security Enforcer is a cloud-based tool that scans corporate networks, finding the apps employees are using, and providing a more secure way to access them. Building on IBM’s existing partnership with Box, which offers users strengthened security when sharing files via mobile devices and the Web, IBM has also built secure connectors into Box’s file-sharing cloud app for Cloud Security Enforcer.
In addition to Box’s app, IBM has built secure connectors for other popular and commonly used work apps, including tools from Microsoft Office 365, Google Apps, Salesforce.com and more.
This catalog of app connectors is constantly expanding, and features added security checks on their integrity and safety using deep threat analytics from IBM X-Force, IBM’s global threat intelligence network. This intelligence enables security and IT teams to quickly react to emerging threats from cloud apps, blocking and taking action against the ones that may present a risk.
Built by IBM Security, the Cloud Security Enforcer technology helps organizations reduce the challenges of shadow IT, defend against malicious actors looking to prey on unsafe cloud app usage, and realize the productivity and efficiency benefits of using cloud apps securely.
The technology delivers four core capabilities. It detects unauthorized cloud app usage among employees, enabling companies to determine and securely configure the apps employees want to use, as well as manage, view and direct how they are securely using and accessing them. It determines and enforces what company data can or cannot be shared by employees with specific third-party cloud apps. It connects employees to third-party cloud apps through secure connectors, including automatically assigning sophisticated passwords, helping to alleviate security breaches caused by human error – 95 percent of all incidents -- such as weak passwords. It also protects against employee-induced and cloud-based threats through analysis of real-time threat data from IBM’s X-Force Exchange.