introducing ibm cloud security enforcer, casb, idaas and threat prevention

0 © 2015 IBM Corporation

Enabling Secure Use of Cloud Applications

Dan Wolff,

Program Director, Cloud Security Product

Management


Recent Security Timeline

1

614 reported breaches

91,982,172 records 2013

Host

Intrusion

Prevention

Endpoint

Sandboxing

Application

Whitelisting

Web

Filtering

Cloud-based

malware

detection

Network

Sandboxing

Next Gen

FW

Network

Intrusion

Prevention

Secure Web

Gateways

Web App FW


Expansion of Cloud Services

2

External Stakeholders Traditional Enterprise IT

Public Cloud Private Cloud

PaaS Development

services

SaaS Business

applications

IaaS Infrastructure

services

100+ IBM Offerings

HR, CRM, SCM

Data archive

App development

100+ IBM Offerings

Online website


Additional Cloud Threats and Vulnerabilities

Placement (co-tenancy);

exposure to data breach / loss

Configuration errors

Malicious insider

Software

vulnerabilities

Cloud is now integral part of many data breaches


The “Secure” Cloud?

4

But isn’t the cloud already secure?

Even the experts can’t agree

Google

Microsoft

Information Week

HIPAA


What you can expect from your provider

5

Vulnerabilities in the

platform Intrusion monitoring

Widespread data theft Denial of service

Cloud Vendor

is Responsible

Network & Application


What are you responsible for?

6

You are Responsible

Compliance Threat Prevention &

Visibility

Identity management

Credential theft

Insider misuse of data/

data sharing


Customer Imperatives for Improving Security

Detect threats with visibility across clouds

Govern the usage of cloud

Protect workloads and data in the cloud

How can I understand who is accessing the cloud

from anywhere, at anytime?

How can I fix vulnerabilities and defend against attacks before they’re exploited?

How can I obtain a comprehensive view of cloud and traditional environments?


Cloud is an opportunity to radically transform security practices

Cloud-enhanced Security Designed for elastic cloud

environments

Traditional Security Designed for static devices

behind traditional network

protection


Companies are Adopting Cloud Applications

EMPLOYEES IT OPERATIONS CISO

Using Cloud for:

• Cloud Storage

• Collaboration

• Much more

Using Cloud to:

Save money

Reduce complexity

Automate

Consolidate

Loses visibility/control

Risk of data loss

Web based threats


Cloud Applications Mobile Employees

How Can You Protect What You Can’t See?

CASBs are an important

visibility tool for CISOs

CASBs collect cloud app usage

details on traffic going through

corporate gateways

Mobile users can go directly to

cloud apps – creating the “mobile

blind spot”

Cellular networks

• Both in and out of the office

Home WiFi or mobile hot spots

Adds risk of malware, risky behavior, and corporate policy violations

On-Premise and Remote / VPN Employees

Web gateway,

Firewall, IPS, etc.

CASBs

But “Blind spots” still exist

for mobile usage


Security and IT leaders face new challenges

“My team can’t manage

increased employee

usage of cloud”

Gain visibility of all cloud app usage

Simplify connecting to approved apps

Remove mobile blind spots

Stop risky user behavior

Quickly detect and react to threats

Ensure compliance/governance

How does my organization?


IT Leaders are telling us they want to…

“We need to streamline the number of cloud security technologies. My IT analysts need to be more efficient and cut down on errors.”

State Government

Agency

“I have to simplify employee adoption of approved cloud apps. It’s critical for us to integrate identities with cloud discovery and usage.”

Major

Retailer

“One of our biggest problems is visibility into mobile device activity. We can’t enforce policy if we can’t see the traffic.”

Major Financial

Services Organization


MOBILE

BYOD

ON PREM

RISKY

APPS

APPROVED APPS

A new SaaS solution to help securely deploy cloud services

EMPLOYEES

Identity and Access Control

Threat Prevention

Policy Enforcement

Discovery and Visibility

Cloud Event Correlation


Respond to new threats,

in or out of the office

Integrated with threat

intelligence from

IBM X-Force

RESPONSE TO THREATS


Block risky or

unsanctioned apps

on mobile devices

Coach safe employee

usage

PROTECT BY

LIMITING ACCESS


Unified Cloud Security Platform

Identity and Access Control

Threat Prevention

Policy Enforcement

Discovery and Visibility

Cloud Event Correlation

• X-Force Risk scoring for 1000’s of apps

• 360 degree, continuous stream of cloud activity data

• Mobile integration to uncover blind spots

• Federated cloud SSO

• Simplified quick connectors to popular cloud apps

• No programming required

• Self-service catalogs

• Delegated administration

• User activity and traffic monitoring

• Behavioral analysis and correlation to company policies

• Alerting, reporting, and auditing

• In-line Intrusion Prevention for all mobile traffic

• Threat signatures, network analysis, and zero-day threat protection

• User coaching

• Redirection for out-of-policy usage

• Policy and anomaly rule implementation


Key takeaways

Cloud is an opportunity to do security right

Cloud is an opportunity to increase IT efficiency

Cloud is an opportunity to protect against threats

Combine Visibility, Data Protection, Threat Prevention and Access Management

1

2

3

4

Thank You

introducing ibm cloud security enforcer, casb, idaas and threat prevention

Technology