Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    New IBM Security System Makes ‘BYO’ Cloud Apps Safe for Work

    By
    Darryl K. Taft
    -
    September 20, 2015
    Share
    Facebook
    Twitter
    Linkedin
      IBM logo

      IBM has produced new cloud security technology that helps protect organizations from risks associated with the increasing use of “bring your own” cloud apps at work.

      Big Blue’s new Cloud Security Enforcer gives companies visibility into all third-party cloud apps used by their employees, provides a secure way to access them, and enables companies to control which corporate data can and cannot be shared with the apps.

      Cloud Security Enforcer helps companies address a potentially significant security exposure, as they currently only have visibility into a fraction of the cloud apps used by their workforce.

      Indeed, new research from IBM found that one-third of employees at Fortune 1000 companies are sharing and uploading corporate data on third-party cloud apps. Employees today are increasingly engaging in risky practices on these tools, such as signing in with their personal email addresses, using weak passwords or re-using corporate log-in credentials.

      IBM’s study of more than 1,000Fortune 1000 employees showed that one out of every three employees is uploading and sharing corporate data to third-party cloud apps, often without the knowledge of their employer. With little or no visibility into these apps, companies have no awareness of the risky activities being performed on them, which the survey also uncovered.

      IBM noted that choosing convenience over security is a growing trend and it is being compounded further with the influx of Millennials into the workforce, who will make up half of the globe’s workers by 2020. The study found that currently, one out of every two Millennials is sharing work data to outside cloud apps.

      The company is working with its partner, Box, and other popular cloud app providers to make these apps safe for work. The new cloud-based technology connects into the most commonly used work apps enabling companies to secure the third-party apps their employees are using out of policy. It also constantly monitors the risks of these apps being breached, based on intelligence of malicious activity happening around the world.

      While the cloud offers greater productivity, security tradeoffs can result in the loss of control of corporate data, and the inability of companies to protect employees’ identities. With the release of Cloud Security Enforcer, IBM is extending users’ control, visibility, security and governance inherent to their hybrid cloud environments.

      “Other vendor technology in the market today manages just the discovery of which cloud apps employees are using,” said Caleb Barlow, vice president of mobile management and security at IBM. “IBM Security Cloud Enforcer goes well beyond just discovery — it actually gives employees a path for using the third-party cloud apps they want as it centrally manages access via secure log-in credentials. No other company in the cloud access security broker space does this identity management. Previously, companies needed several different technologies to do some of these things. Now, however, they just need one SaaS technology in Cloud Enforcer.”

      IBM’s study also showed that one in every four employees is linking cloud apps and services apps to their corporate log-in and password, leaving loopholes through which hackers can gain access to company networks.

      When employees conduct rogue activities on unsanctioned apps, known as “Shadow IT,” companies lose control over and visibility into sensitive data.

      New IBM Security System Makes ‘BYO’ Cloud Apps Safe for Work

      “We decided to take a completely different approach to shadow IT than any company had yet taken before, and innovate around the trend of shadow IT in a whole new way,” Barlow said. “Our idea behind Cloud Security Enforcer is to change the conversation between employees and their IT and security teams – so that there is no more arguing about whether or not they can use a certain app. We want to turn corporate IT teams into ‘Yes Men’ with Cloud Security Enforcer.”

      For example, an employee could use their personal email to set up an account on a third-party, file-sharing cloud app, to which they would then upload their team’s sales contacts in order to see them on their mobile device. While this unapproved use would give the employee flexible access to this data, it presents a major challenge if the person decided to take another position at a competitor. Although they would no longer have access to the data and networks monitored by their former employer’s IT team, they would still have visibility into the data uploaded into that app – presenting a potentially tremendous competitive problem.

      “With the innovation that we’re bringing to the table today, we’re showing the value in third-party cloud apps in terms of convenience and productivity for employees with secure access, total visibility and management for companies,” Barlow said.

      Hosted on IBM Cloud, IBM’s new Cloud Security Enforcer is a cloud-based tool that scans corporate networks, finding the apps employees are using, and providing a more secure way to access them. Building on IBM’s existing partnership with Box, which offers users strengthened security when sharing files via mobile devices and the Web, IBM has also built secure connectors into Box’s file-sharing cloud app for Cloud Security Enforcer.

      In addition to Box’s app, IBM has built secure connectors for other popular and commonly used work apps, including tools from Microsoft Office 365, Google Apps, Salesforce.com and more.

      This catalog of app connectors is constantly expanding, and features added security checks on their integrity and safety using deep threat analytics from IBM X-Force, IBM’s global threat intelligence network. This intelligence enables security and IT teams to quickly react to emerging threats from cloud apps, blocking and taking action against the ones that may present a risk.

      Built by IBM Security, the Cloud Security Enforcer technology helps organizations reduce the challenges of shadow IT, defend against malicious actors looking to prey on unsafe cloud app usage, and realize the productivity and efficiency benefits of using cloud apps securely.

      The technology delivers four core capabilities. It detects unauthorized cloud app usage among employees, enabling companies to determine and securely configure the apps employees want to use, as well as manage, view and direct how they are securely using and accessing them. It determines and enforces what company data can or cannot be shared by employees with specific third-party cloud apps. It connects employees to third-party cloud apps through secure connectors, including automatically assigning sophisticated passwords, helping to alleviate security breaches caused by human error – 95 percent of all incidents — such as weak passwords. It also protects against employee-induced and cloud-based threats through analysis of real-time threat data from IBM’s X-Force Exchange.

      Darryl K. Taft
      Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×