Security for the Cloud and on the Cloud

Organizations are moving to the cloud space. Naturally, as cloud adoption increases, businesses leaders are laser-focused on ensuring security controls are in place. This is particularly true for corporations extending their existing enterprise systems and data to the cloud. How can cloud security be achieved without adding complexity and risk?

You must make sure that security does not get in the way of the enormous benefits that cloud adoption presents for customers. Companies must be able to extend their security controls from the enterprise to the cloud without adding complexity. Cloud-native services must be integrated with enterprise security solutions. The cloud should be leveraged to deliver security services.

Consistent Protection Against Threats: On-Premise or in the Cloud?

To enable this shift, IBM is excited to announce IBM Dynamic Cloud Security, a comprehensive suite of products and services designed to help secure cloud environments. This new portfolio helps customers extend their existing security investments to the cloud while using new analytics and controls to protect a mix of traditional IT and private, public and hybrid clouds.

IBM Dynamic Cloud Security was designed around the following four key areas of defense:

  1. Manage Access: Multiple users spanning employees, vendors and partners require quick and safe access to cloud services regardless of where they’re located. IBM’s new cloud identity services provide seamless access between cloud and traditional IT resources, while the new Cloud Access Manager and Privileged Identity Manager solutions help ensure only authorized users have access to cloud-hosted applications. IBM has also introduced a cloud sign-on service that allows IBM Bluemix users to incorporate authentication into their cloud-developed applications via application programming interfaces.
  2. Protect Data: As organizations move data and applications to the cloud, it’s important to defend them against threats. Sensitive data must be identified and monitored, which is why IBM is introducing cloud data activity-monitoring capabilities for IBM SoftLayer and Amazon Web Services. IBM has also built new application scanning services, available directly on IBM Bluemix, so developers can find vulnerabilities before attackers do.
  3. Gain Visibility: Cloud services must not introduce blind spots. To remain ahead of attackers, security teams must understand security threats happening within cloud services and correlate those events with activity across traditional IT infrastructures. This cloud security intelligence is delivered with new IBM QRadar Security Intelligence capabilities to gain security context from popular cloud services.
  4. Optimize Security Operations: Running a security operations center (SOC) has changed significantly over the past 10 years. The days of managing perimeter firewalls and antivirus are over as modern security practices must take into account an IT shift to the cloud. With new security operations consulting services, managed security services for IBM SoftLayer and a significant new investment in big data analytics and threat intelligence capabilities within its global network of SOCs, IBM is ready to help clients modernize their approach to security in the world of the cloud.

IBM Dynamic Cloud Security

IBM Dynamic Cloud Security represents a significant investment to pivot its entire security portfolio toward the cloud. Across security analytics, identity and access management, data security, application security, consulting and managed services, the company is extending its enterprise-grade security capabilities to the cloud in a big way. The goal is simple: Instead of cloud security being a challenge, security leaders can use it as an opportunity to regain the control they need to protect their enterprises.

Cloud Security Stats from IBM CISO Assessment 2014

IBM Unveils Industry's First Intelligent Cloud Security Portfolio for Global Businesses

Largest Enterprise Security Management Vendor Debuts Proven Tools to Protect People, Data and Applications in the Cloud

ARMONK, NY – 05 Nov 2014: IBM (NYSE: IBM) today announced it has built the industry’s first intelligent security portfolio for protecting people, data and applications in the cloud. Built on IBM’s investments in cloud, security and analytics software and services, the new offerings are designed to protect a business’s most vital data and applications using advanced analytics across their enterprise, public and private clouds and mobile devices — collectively known as the hybrid cloud model.

This rapid adoption of cloud is taking place as businesses still struggle to safeguard their existing IT systems against attackers who are becoming increasingly sophisticated and more difficult to detect. Currently, 75 percent of security breaches take days, weeks or even months to be discovered, significantly increasing the damage inflicted by attackers.

“Customers are now moving critical workloads to the cloud and they expect enterprise grade security to move with it,” said Brendan Hannigan, General Manager, IBM Security Systems. “We have pivoted our entire security portfolio to the cloud to help customers lock down user access, control data and maintain visibility. With the right visibility into threats, enterprises can more securely connect their people, data and processes to the cloud.”

IBM’s new cloud security tools use proven analytics to give companies a clear line of sight into the security status of their entire business—from private data centers, to the cloud—even to an individual employee’s mobile device. This unprecedented “single-pane-of-glass” view shows exactly who is using the cloud, what data individuals are accessing and from where they are accessing it.

Designed to be used with different users, whether it be a developer or line-of-business executive, the portfolio also includes analytics and security intelligence for public cloud services such as IBM’s SoftLayer. In addition, the offering features IBM’s Managed Security Services platform, which can help secure the cloud for IBM clients as well as clients of companies like Amazon Web Services and Salesforce.com.

Customers can also take advantage of the intelligence from more than 20 billion daily security events that IBM’s Managed Security Services team monitors in more than 130 countries. With this insight, they can identify threats in real time and proactively defend their companies from sophisticated attacks on all fronts.

According to a new IBM study of nearly 150 Chief Information Security Information Officers (CISOs), while 85 percent say their organizations are now moving to cloud, almost half expect a major cloud provider to experience a security breach. Despite these concerns, critical workloads processing customer and sensitive data are still moving to the cloud.

IBM’s new Dynamic Cloud Security portfolio addresses the security gaps that can exist between on-premise, cloud, software-as-a-service (SaaS) and mobile applications. The portfolio is focused on authenticating access, controlling data, improving visibility and optimizing security operations for the cloud. Developed over the past year by 200 engineers, the new tools can be deployed in the cloud or on-premise, matching the hybrid IT environments customers are managing.

Visibility Across the Cloud

With organizations using public cloud services at an increasing rate, they must be able to dynamically analyze the security posture of users, apps, networks, mobile devices and other assets across their enterprise and in the cloud. IBM’s new Dynamic Cloud Security portfolio extends IBM QRadar — the industry’s leading security analytics platform — to the IBM SoftLayer cloud and other public cloud services, such as Amazon Web Services.

Connect Users to the Cloud More Securely

Some of the IBM Dynamic Cloud Security portfolio’s new offerings help secure user access to cloud services as organizations extend their data centers to public cloud environments. They can centralize the granting of correct privileges to users and provide extra security around users who have administrator access to sensitive data. These offerings can monitor and track access to applications with the right level of authentication controls, including multi-factor authentication. Another portfolio offering can also help developers build single-sign-on security into their applications using APIs.

Lock Down Data in the Cloud

With the IBM Dynamic Cloud Security portfolio, enterprises can deploy proactive tools to automatically discover, classify and assess sensitive data stored in cloud-hosted repositories, including activity monitoring for both structured and unstructured data. Leveraging the same type of data activity monitoring tools used in the private data center, teams can now monitor activity in the cloud and create centralized auditing for data sources deployed on cloud.

Data protection also involves discovering and remediating vulnerabilities in the applications that access that data, yet developers often lack the security expertise to spot vulnerabilities in their code. The new tools will quickly analyze both Web and mobile applications for security weaknesses. Developers can then remedy those vulnerabilities before they put the application into production or place it in an app store.

Optimize Security Operations for the Cloud

IBM Intelligent Threat Protection Cloud is a managed services platform that monitors the cloud environment. Drawing upon its billions of security events, it includes advanced analytics with new correlation technologies and external data feeds. With data sources growing and companies and infrastructures becoming more dispersed, these analytics can provide real-time insight into what’s happening in the cloud, enabling quick detection and response to intrusions into a client’s network. This new platform can improve threat response times and help secure these new cloud workloads for any business. These services can be accessed from anywhere at any time and are built for a variety of IT environments in any combination.

IBM Global Financing can also provide financing options for the IBM Dynamic Cloud Security portfolio to help minimize up-front cash outlays and conserve cash for other strategic initiatives.

With more than two years of double-digit growth in security revenues, IBM has emerged as the largest enterprise security management vendor in the world. This industry-leading position is the result of an ongoing commitment which includes a dozen security acquisitions over the past decade, more than $2 billion in dedicated security research and development and more than 3,000 security related patents.

The new security solutions also further IBM’s commitment to the enterprise cloud. To date, IBM has invested $1.2 billion to expand its global cloud footprint to 40 data centers in every major market as well as another $7 billion in key cloud acquisitions including the $2 billion acquisition of SoftLayer.

Move to Hybrid Cloud

IT analyst firm Gartner reports that nearly half of large enterprises will deploy hybrid clouds by the end of 2017. As this adoption continues, more and more businesses are choosing IBM. Synergy Research reports that IBM is the largest hybrid cloud vendor.

About IBM Security

IBM’s security platform provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world’s broadest security research and development, and delivery organizations.

For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

Share this Article:
Brendan Hannigan

General Manager, IBM Security

Brendan Hannigan is General Manager of the IBM Security Systems Division in the IBM Software Group; he brings more than 25 years of industry experience to his role. Mr. Hannigan was previously the president and CEO of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division. This division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security. Mr. Hannigan held number of executive positions at Q1 Labs before becoming CEO in 2011. He has a Computer Science degree with honors from University College in Dublin, Ireland.