IBM has announced it has built the industry’s first intelligent security portfolio for protecting people, data and applications in the cloud. Built on IBM’s investments in cloud, security and analytics software and services, the new offerings are designed to protect a business’s most vital data and applications using advanced analytics across their enterprise, public and private clouds and mobile devices — collectively known as the hybrid cloud model.
This rapid adoption of cloud is taking place as businesses still struggle to safeguard their existing IT systems against attackers who are becoming increasingly sophisticated and more difficult to detect. Currently, 75 percent of security breaches take days, weeks or even months to be discovered, significantly increasing the damage inflicted by attackers.
“Customers are now moving actual critical workloads to the cloud and they expect enterprise grade security to move with it,” said Vaidyanathan Iyer, Country Leader, Security Systems, IBM India/South Asia. “We have pivoted our entire security portfolio to the cloud to help customers lock down user access, control data and maintain visibility. With the right visibility into threats, enterprises can more securely connect their people, data and processes to the cloud.”
IBM’s new cloud security tools use proven analytics to give companies a clear line of sight into the security status of their entire business—from private data centers, to the cloud—even to an individual employee’s mobile device. This unprecedented “single-pane-of-glass” view shows exactly who is using the cloud, what data individuals are accessing and from where they are accessing it.
Designed to be used with different users, whether it be a developer or line-of-business executive, the portfolio also includes analytics and security intelligence for public cloud services such as IBM’s SoftLayer. In addition, the offering features IBM’s Managed Security Services platform, which can help secure the cloud for IBM clients as well as clients of companies like Amazon Web Services and Salesforce.com.
Customers can also take advantage of the intelligence from more than 20 billion daily security events that IBM’s Managed Security Services team monitors in more than 130 countries. With this insight, they can identify threats in real time and proactively defend their companies from sophisticated attacks on all fronts.
According to a new IBM study of nearly 150 Chief Information Security Information Officers (CISOs), while 85 percent say their organizations are now moving to cloud, almost half expect a major cloud provider to experience a security breach. Despite these concerns, critical workloads processing customer and sensitive data are still moving to the cloud.
IBM’s new Dynamic Cloud Security portfolio addresses the security gaps that can exist between on-premise, cloud, software-as-a-service (SaaS) and mobile applications. The portfolio is focused on authenticating access, controlling data, improving visibility and optimizing security operations for the cloud. Developed over the past year by 200 engineers, the new tools can be deployed in the cloud or on-premise, matching the hybrid IT environments customers are managing.
Visibility Across the Cloud
With organizations using public cloud services at an increasing rate, they must be able to dynamically analyze the security posture of users, apps, networks, mobile devices and other assets across their enterprise and in the cloud. IBM’s new Dynamic Cloud Security portfolio extends IBM QRadar — the industry’s leading security analytics platform — to the IBM SoftLayer cloud and other public cloud services, such as Amazon Web Services.
Connect Users to the Cloud More Securely
Some of the IBM Dynamic Cloud Security portfolio’s new offerings help secure user access to cloud services as organizations extend their data centers to public cloud environments. They can centralize the granting of correct privileges to users and provide extra security around users who have administrator access to sensitive data. These offerings can monitor and track access to applications with the right level of authentication controls, including multi-factor authentication. Another portfolio offering can also help developers build single-sign-on security into their applications using APIs.
Lock Down Data in the Cloud
With the IBM Dynamic Cloud Security portfolio, enterprises can deploy proactive tools to automatically discover, classify and assess sensitive data stored in cloud-hosted repositories, including activity monitoring for both structured and unstructured data. Leveraging the same type of data activity monitoring tools used in the private data center, teams can now monitor activity in the cloud and create centralized auditing for data sources deployed on cloud.
Data protection also involves discovering and remediating vulnerabilities in the applications that access that data, yet developers often lack the security expertise to spot vulnerabilities in their code. The new tools will quickly analyze both Web and mobile applications for security weaknesses. Developers can then remedy those vulnerabilities before they put the application into production or place it in an app store.
Optimize Security Operations for the Cloud
IBM Intelligent Threat Protection Cloud is a managed services platform that monitors the cloud environment. Drawing upon its billions of security events, it includes advanced analytics with new correlation technologies and external data feeds. With data sources growing and companies and infrastructures becoming more dispersed, these analytics can provide real-time insight into what’s happening in the cloud, enabling quick detection and response to intrusions into a client’s network. This new platform can improve threat response times and help secure these new cloud workloads for any business. These services can be accessed from anywhere at any time and are built for a variety of IT environments in any combination.
IBM Global Financing can also provide financing options for the IBM Dynamic Cloud Security portfolio to help minimize up-front cash outlays and conserve cash for other strategic initiatives.
With more than two years of double-digit growth in security revenues, IBM has emerged as the largest enterprise security management vendor in the world. This industry-leading position is the result of an ongoing commitment which includes a dozen security acquisitions over the past decade, more than $2 billion in dedicated security research and development and more than 3,000 security related patents.
The new security solutions also further IBM’s commitment to the enterprise cloud. To date, IBM has invested $1.2 billion to expand its global cloud footprint to 40 data centers in every major market as well as another $7 billion in key cloud acquisitions including the $2 billion acquisition of SoftLayer.