IBM cloud helps you to avoid data breaches and consequences as data theft, intrusions and vulnerabilities in the platform. Cloud can tranform your security practices. Respond to new threats in or out of the oficce, Cloud combines visibility, data protection, threat prevention and access management.

1. 0© 2015 IBM Corporation
Enabling Secure
Use of Cloud
Applications
Dan Wolff,
Program Director, Cloud Security Product
Management

2. 1© 2015 IBM Corporation
Recent Security Timeline
1
614 reported breaches
91,982,172 records
2013
Host
Intrusion
Prevention
Endpoint
Sandboxing
Application
Whitelisting
Web
Filtering
Cloud-based
malware
detection
Network
Sandboxing
Next Gen
FW
Network
Intrusion
Prevention
Secure Web
Gateways
Web App FW

3. 2© 2015 IBM Corporation
Expansion of Cloud Services
2
External StakeholdersTraditional Enterprise IT
Public CloudPrivate Cloud
PaaS
Development
services
SaaS
Business
applications
IaaS
Infrastructure
services
100+ IBM
Offerings
HR,
CRM, SCM
Data
archive
App
development
100+ IBM
Offerings
Online
website

4. 3© 2015 IBM Corporation
Additional Cloud Threats and Vulnerabilities
 Placement (co-tenancy);
exposure to data breach / loss
 Configuration errors
 Malicious insider
 Software
vulnerabilities
Cloud is now integral part of many data breaches

5. 4© 2015 IBM Corporation
The “Secure” Cloud?
4
But isn’t the cloud already secure?
Even the experts can’t agree
Google
Microsoft
Information Week
HIPAA

6. 5© 2015 IBM Corporation
What you can expect from your provider
5
Vulnerabilities in the
platform
Intrusion monitoring
Widespread data theftDenial of service
Cloud Vendor
is Responsible
Network & Application

7. 6© 2015 IBM Corporation
What are you responsible for?
6
You are Responsible
Compliance Threat Prevention &
Visibility
Identity management
Credential theft
Insider misuse of data/
data sharing

8. 7© 2015 IBM Corporation
Customer Imperatives for Improving Security
Detect threats with
visibility across clouds
Govern the
usage of cloud
Protect workloads
and data in the cloud
How can I understand who
is accessing the cloud
from anywhere, at anytime?
How can I fix vulnerabilities
and defend against attacks
before they’re exploited?
How can I obtain a
comprehensive view of cloud
and traditional environments?

9. 8© 2015 IBM Corporation
Cloud is an opportunity to radically
transform security practices
Cloud-enhanced Security
Designed for elastic cloud
environments
Traditional Security
Designed for static devices
behind traditional network
protection

10. 9© 2015 IBM Corporation
Companies are Adopting Cloud Applications
EMPLOYEES IT OPERATIONS CISO
Using Cloud for:
• Cloud Storage
• Collaboration
• Much more
Using Cloud to:
 Save money
 Reduce complexity
 Automate
 Consolidate
 Loses visibility/control
 Risk of data loss
 Web based threats

11. 10© 2015 IBM Corporation
Cloud Applications Mobile Employees
How Can You Protect What You Can’t See?
CASBs are an important
visibility tool for CISOs
CASBs collect cloud app usage
details on traffic going through
corporate gateways
Mobile users can go directly to
cloud apps – creating the “mobile
blind spot”
 Cellular networks
• Both in and out of the office
 Home WiFi or mobile hot spots
 Adds risk of malware, risky behavior,
and corporate policy violations
On-Premise and Remote / VPN Employees
Web gateway,
Firewall, IPS, etc.
CASBs
But “Blind spots” still exist
for mobile usage

12. 11© 2015 IBM Corporation
Security and IT leaders face new challenges
“My team can’t manage
increased employee
usage of cloud”
 Gain visibility of all cloud app usage
 Simplify connecting to approved apps
 Remove mobile blind spots
 Stop risky user behavior
 Quickly detect and react to threats
 Ensure compliance/governance
How does my organization?

13. 12© 2015 IBM Corporation
IT Leaders are telling us they want to…
“We need to streamline the number of cloud
security technologies. My IT analysts need to
be more efficient and cut down on errors.”
State Government
Agency
“I have to simplify employee adoption of
approved cloud apps. It’s critical for us to
integrate identities with cloud discovery and
usage.”
Major
Retailer
“One of our biggest problems is visibility into
mobile device activity. We can’t enforce policy
if we can’t see the traffic.”
Major Financial
Services Organization

14. 13© 2015 IBM Corporation
MOBILE
BYOD
ON PREM
RISKY
APPS
APPROVED APPS
A new SaaS solution to help
securely deploy cloud services
EMPLOYEES
Identity and
Access Control
Threat
Prevention
Policy
Enforcement
Discovery
and Visibility
Cloud Event
Correlation

15. © 2015 IBM Corporation© 2015 IBM Corporation
Managing Cloud Usage
IT Admin view

16. 15© 2015 IBM Corporation

17. 16© 2015 IBM Corporation
 Respond to new threats,
in or out of the office
 Integrated with threat
intelligence from
IBM X-Force
RESPONSE TO THREATS

18. 17© 2015 IBM Corporation
 Block risky or
unsanctioned apps
on mobile devices
 Coach safe employee
usage
PROTECT BY
LIMITING ACCESS

19. 18© 2015 IBM Corporation
Unified Cloud Security Platform
Identity and
Access Control
Threat
Prevention
Policy
Enforcement
Discovery
and Visibility
Cloud Event
Correlation
• X-Force Risk scoring
for 1000’s of apps
• 360 degree,
continuous stream
of cloud activity data
• Mobile integration to
uncover blind spots
• Federated cloud SSO
• Simplified quick
connectors to
popular cloud apps
• No programming
required
• Self-service catalogs
• Delegated
administration
• User activity and
traffic monitoring
• Behavioral analysis
and correlation to
company policies
• Alerting, reporting,
and auditing
• In-line Intrusion
Prevention for all
mobile traffic
• Threat signatures,
network analysis,
and zero-day
threat protection
• User coaching
• Redirection for
out-of-policy usage
• Policy and anomaly
rule implementation

20. 19© 2015 IBM Corporation
Key takeaways
Cloud is an opportunity to do security right
Cloud is an opportunity to increase IT efficiency
Cloud is an opportunity to protect against threats
Combine Visibility, Data Protection, Threat Prevention and
Access Management
1
2
3
4

21. Thank You