The firm announced Armonk Cloud Security Enforcer, a solution that aims to fight against the risks linked to the use of cloud applications by employees not approved by the IT department.
IBM launched Cloud Security Enforcer, a security offering hosted in the cloud. The latter aims announced to fight against this which are called sometimes the “shadow IT” namely the use of unapproved applications or business processes in the IT department. A phenomenon increasingly common, sets big blue warning in a statement, revealing (based on his own study) that a third employee of the Fortune 1000 companies standings sharing and downloads enterprise data through external cloud applications.
Typically, these apps are used in the private and the employees connect to it without taking care with their private identifiers, connected to their corporate network. IBM adds: “The increasing use of mobile applications also includes a security risk: nearly 40% of mobile applications developed today are not properly secured when they arrive on the market.”
Scan and detection of unauthorized apps
This solution offers companies identify apps that employees use and provide a more secure way to access, big blue explains. To do this, the solution scans corporate networks and detect unauthorized use of the cloud application. The IT department then has the opportunity to identify and configure the applications that employees want to use. In addition, via specific third party cloud applications, companies can also determine which data can be shared or not.
Leveraging identity management technology via the cloud IBM (Identity-as-a-Service) Cloud Security Enforcer is based on the content management cloud-based Box, as well as on secure connections, “which includes automatic assignment of sophisticated passwords, and helps mitigate security vulnerabilities caused by human error (95% of all incidents), such as low- passwords, “says IBM.