Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention


Published on

View on demand webinar:

Cloud Security Enforcer is the first solution to combine Cloud Access Security Broker (CASB) functionality with identity services (IDaaS), policy enforcement and dynamic threat prevention intelligence into a single integrated SaaS solution.

Join Daniel Wolff, Program Director Cloud Security Product Management, and Gonzalo de la Hoz, IAM European Segment Leader, as we discuss how IBM Cloud Security Enforcer has integrated multiple technologies crucial to enabling safe adoption of cloud applications in the enterprise:
- Cloud application discovery and risk
- Cloud identity services and application on-boarding
- Closing the mobile device gap
- Policy enforcement and threat prevention

Published in: Technology

Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention

  1. 1. 0© 2015 IBM Corporation Enabling Secure Use of Cloud Applications Dan Wolff, Program Director, Cloud Security Product Management
  2. 2. 1© 2015 IBM Corporation Recent Security Timeline 1 614 reported breaches 91,982,172 records 2013 Host Intrusion Prevention Endpoint Sandboxing Application Whitelisting Web Filtering Cloud-based malware detection Network Sandboxing Next Gen FW Network Intrusion Prevention Secure Web Gateways Web App FW
  3. 3. 2© 2015 IBM Corporation Expansion of Cloud Services 2 External StakeholdersTraditional Enterprise IT Public CloudPrivate Cloud PaaS Development services SaaS Business applications IaaS Infrastructure services 100+ IBM Offerings HR, CRM, SCM Data archive App development 100+ IBM Offerings Online website
  4. 4. 3© 2015 IBM Corporation Additional Cloud Threats and Vulnerabilities  Placement (co-tenancy); exposure to data breach / loss  Configuration errors  Malicious insider  Software vulnerabilities Cloud is now integral part of many data breaches
  5. 5. 4© 2015 IBM Corporation The “Secure” Cloud? 4 But isn’t the cloud already secure? Even the experts can’t agree Google Microsoft Information Week HIPAA
  6. 6. 5© 2015 IBM Corporation What you can expect from your provider 5 Vulnerabilities in the platform Intrusion monitoring Widespread data theftDenial of service Cloud Vendor is Responsible Network & Application
  7. 7. 6© 2015 IBM Corporation What are you responsible for? 6 You are Responsible Compliance Threat Prevention & Visibility Identity management Credential theft Insider misuse of data/ data sharing
  8. 8. 7© 2015 IBM Corporation Customer Imperatives for Improving Security Detect threats with visibility across clouds Govern the usage of cloud Protect workloads and data in the cloud How can I understand who is accessing the cloud from anywhere, at anytime? How can I fix vulnerabilities and defend against attacks before they’re exploited? How can I obtain a comprehensive view of cloud and traditional environments?
  9. 9. 8© 2015 IBM Corporation Cloud is an opportunity to radically transform security practices Cloud-enhanced Security Designed for elastic cloud environments Traditional Security Designed for static devices behind traditional network protection
  10. 10. 9© 2015 IBM Corporation Companies are Adopting Cloud Applications EMPLOYEES IT OPERATIONS CISO Using Cloud for: • Cloud Storage • Collaboration • Much more Using Cloud to:  Save money  Reduce complexity  Automate  Consolidate  Loses visibility/control  Risk of data loss  Web based threats
  11. 11. 10© 2015 IBM Corporation Cloud Applications Mobile Employees How Can You Protect What You Can’t See? CASBs are an important visibility tool for CISOs CASBs collect cloud app usage details on traffic going through corporate gateways Mobile users can go directly to cloud apps – creating the “mobile blind spot”  Cellular networks • Both in and out of the office  Home WiFi or mobile hot spots  Adds risk of malware, risky behavior, and corporate policy violations On-Premise and Remote / VPN Employees Web gateway, Firewall, IPS, etc. CASBs But “Blind spots” still exist for mobile usage
  12. 12. 11© 2015 IBM Corporation Security and IT leaders face new challenges “My team can’t manage increased employee usage of cloud”  Gain visibility of all cloud app usage  Simplify connecting to approved apps  Remove mobile blind spots  Stop risky user behavior  Quickly detect and react to threats  Ensure compliance/governance How does my organization?
  13. 13. 12© 2015 IBM Corporation IT Leaders are telling us they want to… “We need to streamline the number of cloud security technologies. My IT analysts need to be more efficient and cut down on errors.” State Government Agency “I have to simplify employee adoption of approved cloud apps. It’s critical for us to integrate identities with cloud discovery and usage.” Major Retailer “One of our biggest problems is visibility into mobile device activity. We can’t enforce policy if we can’t see the traffic.” Major Financial Services Organization
  14. 14. 13© 2015 IBM Corporation MOBILE BYOD ON PREM RISKY APPS APPROVED APPS A new SaaS solution to help securely deploy cloud services EMPLOYEES Identity and Access Control Threat Prevention Policy Enforcement Discovery and Visibility Cloud Event Correlation
  15. 15. © 2015 IBM Corporation© 2015 IBM Corporation Managing Cloud Usage IT Admin view
  16. 16. 15© 2015 IBM Corporation
  17. 17. 16© 2015 IBM Corporation  Respond to new threats, in or out of the office  Integrated with threat intelligence from IBM X-Force RESPONSE TO THREATS
  18. 18. 17© 2015 IBM Corporation  Block risky or unsanctioned apps on mobile devices  Coach safe employee usage PROTECT BY LIMITING ACCESS
  19. 19. 18© 2015 IBM Corporation Unified Cloud Security Platform Identity and Access Control Threat Prevention Policy Enforcement Discovery and Visibility Cloud Event Correlation • X-Force Risk scoring for 1000’s of apps • 360 degree, continuous stream of cloud activity data • Mobile integration to uncover blind spots • Federated cloud SSO • Simplified quick connectors to popular cloud apps • No programming required • Self-service catalogs • Delegated administration • User activity and traffic monitoring • Behavioral analysis and correlation to company policies • Alerting, reporting, and auditing • In-line Intrusion Prevention for all mobile traffic • Threat signatures, network analysis, and zero-day threat protection • User coaching • Redirection for out-of-policy usage • Policy and anomaly rule implementation
  20. 20. 19© 2015 IBM Corporation Key takeaways Cloud is an opportunity to do security right Cloud is an opportunity to increase IT efficiency Cloud is an opportunity to protect against threats Combine Visibility, Data Protection, Threat Prevention and Access Management 1 2 3 4
  21. 21. Thank You