As I have written about previously, IBM and Box are working together to make cloud file sharing more secure. IBM recently announced another piece of the puzzle, IBM Cloud Security Enforcer, which combines Identity as a Service (IaaS) with the ability to scan and detect cloud offering. Once detected, IBM will attempt to use one of the connectors to improve the security of the connection to the application.
At almost every client I visit, cloud file sharing is an issue, the client thinks it is an issue or is completely blocked, forcing end users to find additional work around solutions. The need is very clear and the growth in this category reflects that need. I encourage you to read the link or at the least watch the video in the above link. What I find appealing about the application is the focus on turning data into information. Clients today can report on hits to cloud applications URLs but this goes a step further. Enforcer distills user identity, application catalog and usage in a way that is easy to consume; information that is actionable. Other highlights of the solution are below.
Built by IBM Security, the technology helps organizations reduce the challenges of “Shadow IT”, defend against malicious actors looking to prey on unsafe cloud app usage, and realize the productivity and efficiency benefits of using cloud apps more securely. This is achieved by four core capabilities which:
Detect unauthorized cloud app usage, enabling companies to determine and securely configure the apps that employees want to use, as well as manage, view and direct how employees are using and accessing them.
Determine and enforce which data owned by an organization can or cannot be shared by employees with specific third-party cloud apps.
Connect employees quickly to third-party cloud apps through security-rich connectors, including automatically assigning sophisticated passwords, helping to alleviate security breaches caused by human error (95% of all incidents), such as weak passwords. IBM’s research found that one in every four employees is linking to cloud apps with his or her corporate log-in and password, leaving vast loopholes for hackers.
Help protect against employee-induced and cloud-based threats through analysis of real-time threat data from IBM’s X-Force Exchange.
Let me know how your firm is responding to the challenge of cloud applications and storage and whether this approach is appealing.