IBM tackles shadow IT with a new cloud security tool

Hosted on IBM Cloud, Cloud Security Enforcer can scan a corporate network, find the apps employees are using, and provide a more secure way to access them

IBM tackles shadow IT with a new cloud security tool
Credit: IDGNS

If there's one thing that can strike terror into a CIO's heart, it's the security implications of the cloud. If there's another, it's the "bring your own" technology trend. Combine the two, and you have the motivation behind IBM's new Cloud Security Enforcer.

Thanks to having set up and used a private email server while U.S. Secretary of State, Hillary Clinton has become a poster child for "shadow IT," or the phenomenon by which employees bring their own technologies into the workplace -- but there's no denying its prevalence. One-third of Fortune 1000 employees share and upload corporate data on third-party cloud apps, according to a recent IBM Security study. One in four link to cloud apps using a corporate log-in and password.

Announced Tuesday, Cloud Security Enforcer aims to help companies safeguard the increasing use of “bring your own” cloud-based apps at work. It combines cloud identity management, also known as Identity-as-a-Service, with the ability to discover any outside apps employees are using, including those on their mobile devices. Equipped with those combined capabilities, it enables companies to make access more secure, IBM said.

Hosted on IBM Cloud, the tool can scan a corporate network, find the apps employees are using, and provide a more secure way to access them. Four core capabilities help make that happen.

First, companies can detect unauthorized cloud app usage, enabling them to identify and securely configure the apps that employees want to use as well as manage, view, and direct how employees can use them.

Cloud Security Enforcer can also be used to determine and enforce which data owned by an organization can or cannot be shared by employees via specific third-party cloud apps.

The tool can connect employees to third-party cloud apps through security-focused connectors, including automatically assigning sophisticated passwords. That, in turn, can help alleviate security breaches caused by human error, IBM said.

Finally, Cloud Security Enforcer can also help protect against employee-induced and cloud-based threats by analyzing real-time threat data from IBM’s global X-Force Exchange threat intelligence network, which scans the Internet and analyzes more than 20 billion global security events daily.

IBM has built connectors for Cloud Security Enforcer into Box’s cloud-based content management and collaboration platform as well as Microsoft Office 365, Google Apps, Salesforce.com, and other popular enterprise software. Pricing information was not immediately available.

Related:
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.