The document covers IBM's Cloud Security Enforcer, a SaaS solution designed to protect against cloud-related threats, enhance visibility of cloud app usage, and enforce security policies. It addresses challenges faced by IT leaders in managing employee access to approved cloud applications while preventing risky behavior and ensuring compliance. Key features include cloud discovery, identity and access control, as well as integration with QRadar for streamlined security management.

1. IBM Security Webinar
IBM Cloud Security Enforcer
JOHAN LARKSATER
SECURITY SAAS EUROPE – IBM SECURITY
JUNE 2016

2. 2 IBM Security
2© 2016 IBM Corporation
What we will cover
• Introductions
• The cloud is here, ready or not
• Cloud Security Enforcer overview
• Cloud app visibility, Qradar integration, and mobile
• Secure connectivity and IDaaS
• Protection and policies
• Wrap up and Q & A

3. 3 IBM Security
3© 2016 IBM Corporation
Today’s Featured Guest
Sean Brown
Offering Manager
Cloud Security

4. 4 IBM Security
4© 2016 IBM Corporation
Cloud is here to stay, are you ready to move with the business?
EMPLOYEES IT OPERATIONS YOUR BUSINESS
 Look for better ways
to get their jobs done
 Find cloud services
quick and easy to use
 Wants to save money
and reduce complexity
 Wants to automate
and consolidate IT
 Loses visibility
and control over IT
 New risk requires
new safeguards

5. 5 IBM Security
Security and IT leaders face new challenges
CISO / CIO:
 Uncover “Shadow IT”
 Gain visibility of all cloud app usage
 Simplify connecting to approved apps
 Remove mobile blind spots
 Stop risky user behavior
 Quickly react to cloud threats
 Address compliance
and governance concerns
How does my organization?
“My team is not equipped to manage
the increased employee usage
and demand for cloud”

6. 6 IBM Security
IBM Cloud Security Enforcer
PROTECT
Against cloud-related threats
CONNECT
Users to approved cloud apps
DETECT
Usage of cloud apps and actions

7. 7 IBM Security
A new SaaS solution to help securely deploy cloud services
Identity and
Access Control
Threat
Prevention
Policy
Enforcement
Discovery
and Visibility
Cloud Event
Correlation
DETECT CONNECT PROTECT
MOBILE
BYOD
ON PREM
RISKY APPS
APPROVED APPS
EMPLOYEES

8. 8 IBM Security
8© 2016 IBM Corporation
DETECT
App usage and user activity

9. 9 IBM Security
9© 2016 IBM Corporation
 Discover thousands of cloud apps
 View analytics and risk reports
 Chart progress over time
DETECT APPROVED / SHADOW APPS

10. 10 IBM Security
10© 2016 IBM Corporation
 Correlate cloud activity to employees
 Identify suspicious activities and trends
 See and respond to priority alerts
DETECT DETAILED USER ACTIVITY

11. 11 IBM Security
11© 2016 IBM Corporation
IBM Cloud Security Enforcer QRadar Connector
• IBM Cloud Security Enforcer
QRadar Connector offers SOC
operators a view of the top
offense, user, and application data
from IBM Cloud Security Enforcer
within QRadar itself, thus
providing a streamlined view of
security in one pane of glass.
• The application is configured via
an admin plugin where the user
can specify the hostname of the
Cloud Security Enforcer assigned
to them.
• From this point dashboard widgets
are provided to view current day
offense, user, and application
data.

12. 12 IBM Security
12© 2016 IBM Corporation
 Visibility of high risk users and cloud applications
 Covers the “Mobile Blind Spot” that most SIEM tools miss
 Behavioral analysis for mobile users with alerting
Enhances QRadar with:

13. 13 IBM Security
13© 2016 IBM Corporation
Demo
IBM Cloud Security Enforcer QRadar Connector

14. 14 IBM Security
14© 2016 IBM Corporation
IBM Cloud Security Enforcer – Discovery
Cloud, SaaS, &
Private Apps
Secure
Gateway
. . .(plus many more)
Discovery
Enterprise
Employees
Microsoft
Active Directory
Event
Collection
ID
Bridge
Directory
Sync

15. 15 IBM Security
15© 2016 IBM Corporation
IBM Cloud Security Enforcer – Mobile Protection
Home WiFi /
Cellular Data
Network
Cloud, SaaS, &
Private Apps
. . .(plus many more)
Mobile Protection
Client
Gateway
(VPN/Proxy)
Traffic
Inspection

16. 16 IBM Security
16© 2016 IBM Corporation
CONNECT
Users to approved cloud apps

17. 17 IBM Security
17© 2016 IBM Corporation
September 30, 2015
GitHub Connecter
GitHub Connecter for NA Dev Team
 On/Off toggles for cloud access
 Correct out of policy application usage
CONNECT THE BUSINESS TO
APPROVED APPS, DISABLE OTHERS

18. 18 IBM Security
18© 2016 IBM Corporation
 Display approved app catalog
 Enable self-onboarding
 Find and use apps faster
CONNECT USERS TO CLOUD APPS

19. 19 IBM Security
19© 2016 IBM Corporation
IBM Cloud Security Enforcer – Single Sign-On & Launchpad
Microsoft
Active Directory
Cloud, SaaS, &
Private Apps
Secure
Gateway
. . .(plus many more)
Event
Collection
ID
Bridge
Directory
Sync
SSO
[Service
Provider] Launchpad
& Catalog
SSO
[Identity
Provider]
Enterprise
Employees

20. 20 IBM Security
20© 2016 IBM Corporation
Protect
Against cloud-related threats

21. 21 IBM Security
21© 2016 IBM Corporation
 Understand cloud app reputation
 Prioritize apps based on past threats
 Limit interaction with unsafe apps
PROTECT AGAINST RISKY APPS

22. 22 IBM Security
22© 2016 IBM Corporation
 Establish user risk ratings
 Address “rogue” cloud app usage
 User risk score calculated by aggregate usage
 Send alerts when there’s risky behavior
PROTECT AGAINST RISKY BEHAVIOR

23. 24 IBM Security
Key takeaways
First solution to combine cloud discovery, identity & access,
and threat prevention
Focused on securely enabling the business for cloud apps
Protects against cloud threats using IBM’s network
of threat intelligence
ibm.com/security/cloud-enforcer

24. 25 IBM Security
25© 2016 IBM Corporation
130+ countries where IBM delivers
managed security services
25 industry analyst reports rank
IBM Security as a LEADER
No. 1 enterprise security software
vendor in total revenue
12K+ clients protected
90% of the Fortune 100
companies
Visit our web page
ibm.com/security/
Watch our videos
IBM Security YouTube Channel
View upcoming webinars & blogs
securityintelligence.com
Follow us on Twitter
@ibmsecurity
Join IBM X-Force Exchange
xforce.ibmcloud.com

25. ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express
or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of,
creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these
materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may
change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and
other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks
or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise.
Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or
product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are
designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective.
IBM DOES NOT WARRANT THAT ANYSYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT
OF ANY PARTY.
FOLLOW US ON:
THANK YOU