IBM unveils ‘intelligent cloud security’ portfolio for global businesses

IBM has built what it claims is the industry’s first intelligent security portfolio for protecting people, data and applications in the cloud.

Built on the company’s investments in cloud, security and analytics software and services, the new offerings are designed to protect a business’s most vital data and applications using advanced analytics across their enterprise, public and private clouds and mobile devices — collectively known as the hybrid cloud model.

This rapid adoption of cloud is taking place as businesses still struggle to safeguard their existing IT systems against attackers who are becoming increasingly sophisticated and more difficult to detect. Currently, 75 percent of security breaches take days, weeks or even months to be discovered, significantly increasing the damage inflicted by attackers.

“Customers are now moving actual critical workloads to the cloud and they expect enterprise grade security to move with it,” said Brendan Hannigan, General Manager, IBM Security Systems. “We have pivoted our entire security portfolio to the cloud to help customers lock down user access, control data and maintain visibility. With the right visibility into threats, enterprises can more securely connect their people, data and processes to the cloud.”

IBM’s new cloud security tools use proven analytics to give companies a clear line of sight into the security status of their entire business—from private data centers, to the cloud—even to an individual employee’s mobile device. This unprecedented “single-pane-of-glass” view shows exactly who is using the cloud, what data individuals are accessing and from where they are accessing it.

Designed to be used with different users, whether it be a developer or line-of-business executive, the portfolio also includes analytics and security intelligence for public cloud services such as IBM’s SoftLayer. In addition, the offering features IBM’s Managed Security Services platform, which can help secure the cloud for IBM clients as well as clients of companies like Amazon Web Services and Salesforce.com.

Customers can also take advantage of the intelligence from more than 20 billion daily security events that IBM’s Managed Security Services team monitors in more than 130 countries. With this insight, they can identify threats in real time and proactively defend their companies from sophisticated attacks on all fronts.

According to a new IBM study of nearly 150 Chief Information Security Information Officers (CISOs), while 85 percent say their organizations are now moving to cloud, almost half expect a major cloud provider to experience a security breach. Despite these concerns, critical workloads processing customer and sensitive data are still moving to the cloud.

IBM’s new Dynamic Cloud Security portfolio addresses the security gaps that can exist between on-premise, cloud, software-as-a-service (SaaS) and mobile applications. The portfolio is focused on authenticating access, controlling data, improving visibility and optimizing security operations for the cloud. Developed over the past year by 200 engineers, the new tools can be deployed in the cloud or on-premise, matching the hybrid IT environments customers are managing.

Visibility Across the Cloud

With organizations using public cloud services at an increasing rate, they must be able to dynamically analyze the security posture of users, apps, networks, mobile devices and other assets across their enterprise and in the cloud. IBM’s new Dynamic Cloud Security portfolio extends IBM QRadar — the industry’s leading security analytics platform — to the IBM SoftLayer cloud and other public cloud services, such as Amazon Web Services.

Connect Users to the Cloud More Securely

Some of the IBM Dynamic Cloud Security portfolio’s new offerings help secure user access to cloud services as organizations extend their data centers to public cloud environments. They can centralize the granting of correct privileges to users and provide extra security around users who have administrator access to sensitive data. These offerings can monitor and track access to applications with the right level of authentication controls, including multi-factor authentication. Another portfolio offering can also help developers build single-sign-on security into their applications using APIs.