The BYOD trend remains as strong as ever according to IBM’s recent security study. Their research returned feedback indicating that over 30% of Fortune 1000 employees share and upload corporate data on third-party cloud apps, despite increasing awareness over the last few years of the risks of ‘shadow IT’.
The stubbornness and secrecy of Senate politician and presidential candidate Hilary Clinton in running dual public and private communications systems has certainly thrown the spotlight on cloud security risks – which affect the public sector as much as the private sector. This has been a trigger for IBM to launch their new Cloud Security Enforcer (“CSE”). Added to this, 25% of those surveyed link to cloud apps using a corporate log-in and password.
IBM’s new corporate protection device using their host IBM Cloud, aims to counter this by combining cloud identity management (“Identity-as-a-Service”), with the ability to discover any outside apps employees are using (including those on their mobile devices to make access more secure).
1. CSE enables detection of unauthorised cloud app usage, followed by secure configuration of the apps as well as managing, viewing and directing how employees can use them.
2. Can determine and enforce which data owned by an organisation can or cannot be shared by employees via specific third-party cloud apps.
3. Security-focused connectors can connect employees to third-party cloud apps which include automatically assigned sophisticated passwords to help alleviate security breaches from human error.
4. Finally CSE employs its global X-Force Exchange threat intelligence network to protect against employee-induced and cloud-based threats by analysing real-time threat data. These involve scans of the internet and analysis of more than 20 billion global security events daily as a safeguard.
With connectors into Box’s cloud-based content management; a collaboration platform with Microsoft Office 365, Google Apps, Salesforce.com + other popular enterprise software, IBM’s broad view on seeking to secure and manage the wilder risks from cloud to business should resonate in the marketplace, though as of yet the price point for Cloud Security Enforcer has yet to be published, but it is certainly indicating of intelligent packing for enterprise organisations. As long as users retain the freedom to use their personal devices without interference from their organisations and equally, that enterprise has the ability to securely ringfence company data, then the two can sit comfortably side by side and it’s a good package.