Simple and secure mobile cloud access

© 2015 IBM Corporation
Simple and Secure Mobile Cloud Access
IBM Security Webinar
Anar Taori, IBM
Mark Campbell, IBM
IBM Security

2© 2015 IBM Corporation
 Duration – 45 minutes
 Submit your questions to all panelists in the Q&A
box located in the bottom right corner of your
screen
 Recording and slides will be emailed to you
Housekeeping items

Cloud application discovery and risk
The mobile device gap
App deployment for mobile
Mobile management and security
Q&A
What We Will Cover

Cloud Apps – What’s the Big Deal?
1in 3
Fortune 1000 employees
upload corporate data to
cloud apps
1in 4
Fortune 1000 employees
use corporate log-in details for
cloud apps
60%
of employees know
using external apps is a
violation of their
company’s security policy
On behalf of IBM Security, Ketchum Global Research & Analytics (KGRA) conducted an online survey using the services of Ipsos Public Affairs. The
survey interviewed 1,001 full-time employees at Fortune 1000 companies. The survey was fielded from July 27 to 31, 2015.

Cloud is here to stay, are you ready to move with the business?
EMPLOYEES
IT
OPERATIONS
YOUR BUSINESS
 Look for better ways
to get their jobs done
 Find cloud services
quick and easy to use
 Wants to save
money and reduce
complexity
 Wants to automate
and consolidate IT
 Loses visibility
and control over
IT
 New risk requires
new safeguards

Security and IT leaders face new challenges
“My team is not equipped to manage
the increased employee usage
and demand for cloud”
 Uncover “Shadow IT”
 Gain visibility of all cloud app usage
 Simplify connecting to approved
apps
 Stop risky user behavior
 Quickly react to cloud
threats
 Address compliance
and governance concerns
 Remove mobile “blind
spots”
CISO / CIO: How does my organization?

A Growing Problem
46%
say their smartphone
is something they couldn’t live without
Source: “6 facts about Americans and their smartphones”
by Pew Research Center, April 2015
87%
By 2017, mobile devices will make up
of Internet-enabled
technology total sales
Source: Lander Blog, “Five Online Marketing Trends for 2014,
April 2014
Source: “55 US Mobile Facts Every Marketer Needs For 2015” by Heidi Cohen, December 2014
87%
have their smartphone
at their side,
day and night
78%
spend over 2 hours
a day using their
smartphones
68%
consider their
smartphone to be
a personal device
Millennials and their smartphones…
IT Security must protect the business and the employees

Cloud Applications Mobile Employees
How Can You Protect What You Can’t See?
CASBs are an important
visibility tool for CISOs
CASBs collect cloud app usage
details on traffic going through
corporate gateways
Mobile users can go directly to
cloud apps – creating the “mobile
blind spot”
 Cellular networks
• Both in and out of the office
 Home WiFi or mobile hot spots
 Adds risk of malware, risky behavior,
and corporate policy violations
On-Premises and Remote / VPN Employees
Web gateway,
Firewall, IPS, etc.
CASBs
“Blind spots” still exist
for mobile usage

IBM Cloud Security Enforcer
© IDC Visit us at IDC.com and follow us on Twitter: @IDC
A CASB that finally addresses the mobile blind spot
PROTECT
Against cloud-related threats
CONNECT
Users to approved cloud apps
DETECT
Usage of cloud apps and actions

Combining Cloud App Visibility, Identity & Access, and Threat Protection
MOBILE
BYOD
ON PREM
RISKY APPS
APPROVED APPS
EMPLOYEES
Identity and
Access
Control
Threat
Prevention
Policy
Enforcement
Discovery
and Visibility
Cloud Event
Correlation
DETECT CONNECT PROTECT

DETECT APPROVED / SHADOW APPS
APP REPUTATION SCORES

APPROVED APP CATALOG
USER RISK RATINGS

 Respond to new threats,
in or out of the office
 Integrated with threat
intelligence from
IBM X-Force
PROTECT WITH RAPID
RESPONSE TO THREATS

 Block risky or
unsanctioned apps
on mobile devices
 Coach safe
employee usage
PROTECT BY
LIMITING ACCESS

CASB and EMM – BFFs

Complete mobility management and security
Advanced Management
Visibility & Control
Secure Productivity Suite
Trusted Workplace
Secure Document Sharing
Content Collaboration
Mobile Threat Management
Malware Protection
Mobile Enterprise Gateway
Enterprise Access

Unleashing end-user productivity
Secure PIM
App Security &
Management
File Sync,
Edit & Share
Secure
Browser
Trusted Workplace
Separates work &
personal data with
anytime access to
corporate resources
Works across iOS,
Android, & Windows
Phone platforms with a
native user experience
Supports Microsoft,
Google, IBM, Box, &
other collaboration tools,
apps & containers

Mobile Application Management
 App security &
compliance management
 Enterprise App Catalog
 Distribute & update apps
 Selectively remove
managed apps
 Volume Purchase
Program management
 App Cloud for hosting &
distributionIT administrator uses the enterprise app catalog to distribute
the Cloud Security Enforcer application

On-device App Catalog
 Self-service App Catalog
– Native-like user experience
– Keeps app info up-to-date
with public app store
 Simplify discovery of
relevant apps
– Intuitive search, sort, filter,
multiple tabs
 Promote key apps for users
– Featured Apps & Bundles to
draw users’ attention
 Install/Update All apps with
one touch

 Visibility into the mobile blind spot
 Network protection for mobile users
– IPS, zero-day, anti-malware
 Provides identity services
– Single login to most apps
 User notifications and coaching
 Policy enforcement
 Cloud event correlation
IBM MobileFirst Protect
 Manage and secure mobile devices
 Increase productivity with secure apps,
docs, and email
 Enterprise app catalog for distributing
approved 3rd party & in-house apps
 Data leak prevention controls to
restrict sharing, copy/paste, & more
 Enables routing to Cloud Enforcer
global network of proxies
Summary: IBM Cloud Security Enforcer and IBM MobileFirst Protect

Key Takeaways
Cloud app visibility, identity & access, and threat
prevention
Address the “mobile blind spot”
Protect against Cloud threats using IBM’s
network of threat intelligence
Speed cloud adoption, making your employees
more productive
1
2
3
4
ibm.com/security
Cloud Enforcer and MobileFirst Protect

Questions or call to action
Mark Campbell
Portfolio Marketing, Cloud Security
IBM Security
Anar Taori
Senior Director of Product Management
Cloud-based Enterprise Mobility Management Services
IBM Security

133 countries where IBM delivers
managed security services
20 industry analyst reports rank
IBM Security as a LEADER
TOP 3 enterprise security software
vendor in total revenue
10K clients protected including…
24 of the top 33 banks in Japan,
North America, and Australia
Learn more about IBM Security
Visit our web page
IBM.com/Security
Watch our videos
IBM Security YouTube Channel
View upcoming webinars & blogs
SecurityIntelligence.com
Follow us on Twitter
@ibmsecurity

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries
or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside
your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks
on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOUwww.ibm.com/security

Information concerning non-IBM products was obtained from the suppliers of
those products, their published announcements or other publicly available
sources. IBM has not tested those products in connection with this publication
and cannot confirm the accuracy of performance, compatibility or any other
claims related to non-IBM products. Questions on the capabilities of non-IBM
products should be addressed to the suppliers of those products. IBM does not
warrant the quality of any third-party products, or the ability of any such third-
party products to interoperate with IBM’s products. IBM EXPRESSLY
DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
The provision of the information contained herein is not intended to, and does
not, grant any right or license under any IBM patents, copyrights, trademarks or
other intellectual property right.
Other company, product, or service names may be trademarks or service
marks of others. A current list of IBM trademarks is available at “Copyright and
trademark information” www.ibm.com/legal/copytrade.shtml
Copyright © 2015 by International Business Machines Corporation (IBM). No
part of this document may be reproduced or transmitted in any form without
written permission from IBM.
U.S. Government Users Restricted Rights – Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM.
Information in these presentations (including information relating to products
that have not yet been announced by IBM) has been reviewed for accuracy as
of the date of initial publication and could include unintentional technical or
typographical errors. IBM shall have no responsibility to update this information.
THIS document is distributed "AS IS" without any warranty, either express or
implied. In no event shall IBM be liable for any damage arising from the use of
this information, including but not limited to, loss of data, business interruption,
loss of profit or loss of opportunity.
IBM products and services are warranted according to the terms and conditions
of the agreements under which they are provided.
Any statements regarding IBM’s future direction, intent or product plans are
subject to change or withdrawal without notice. Performance data contained
herein was generally obtained in a controlled, isolated environments. Customer
examples are presented as illustrations of how those customers have used IBM
products and the results they may have achieved. Actual performance, cost,
savings or other results in other operating environments may vary. References
in this document to IBM products, programs, or services does not imply that
IBM intends to make such products, programs or services available in all
countries in which IBM operates or does business.
Workshops, sessions and associated materials may have been prepared by
independent session speakers, and do not necessarily reflect the views of IBM.
All materials and discussions are provided for informational purposes only, and
are neither intended to, nor shall constitute legal or other guidance or advice to
any individual participant or their specific situation.
It is the customer’s responsibility to insure its own compliance with legal
requirements and to obtain advice of competent legal counsel as to the
identification and interpretation of any relevant laws and regulatory
requirements that may affect the customer’s business and any actions the
customer may need to take to comply with such laws. IBM does not provide
legal advice or represent or warrant that its services or products will ensure that
the customer is in compliance with any law.
Legal notices and disclaimers

Simple and secure mobile cloud access

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (13)

Similar to Simple and secure mobile cloud access

Similar to Simple and secure mobile cloud access (20)

More from AGILLY

More from AGILLY (20)

Recently uploaded

Recently uploaded (20)

Simple and secure mobile cloud access