ibm future of work forum€¦ · approved cloud apps mobile byod on prem risky apps approved apps...

IBM Cognitive

IBM Future of Work Forum

The Engaged Enterprise Comes Alive

Improving Organizational Collaboration and Efficiency While Enhancing Security on Mobile and Cloud Apps

Chris HockingsIBM Master Inventor

2 9/9/2016 © 2016 IBM


Smartphones bring great opportunity to help drive better IT process

• Utilize the best aspects of the device to drive better engagement

• Good design incorporates new platform elements• Trusted computing modules• GPS and geolocational data• Behavioral elements• Profile/sandbox

3 9/9/2016 © 2016 IBM


Allowing users to bring their own Apps for their Mobile from Cloud

• Bring your own Apps

• Bring your own Authentication

• Bring your own Data

• Bring your own Network

• Bring your own Social

• Bring your own Expectations!

4 9/9/2016 © 2016 IBM


COMPLIANCEHUMANERROR

SKILLS GAPADVANCED

ATTACKSINNOVATION

Today’s IBM Security focus areas

We’re focusing today on Innovation

5 9/9/2016 © 2016 IBM


Yes, Mobiles and Clouds have security problems

The list below represents the OWASP Mobile Top Ten 2016:

Threat No. 1: Weak Server Side Controls

Threat No. 2: Insecure Data Storage

Threat No. 3: Insufficient Transport Layer Protection

#4 Mobile Security Concern: Unintended Data Leakage

#5 Mobile Security Concern: Poor Authorization and AuthenticationThreat No. 6: Broken Cryptography

Threat No. 7: Client Side Injection

Threat No. 8: Security Decisions Via Untrusted Inputs

#9 Mobile Security Concern: Improper Session HandlingThreat No. 10: Lack of Binary Protection

The Cloud Security Alliance (CSA) recently published Cloud Computing’s Top Threats in 2016 report:

Threat No. 1: Data breaches

#2 Cloud Security Concern: Insufficient Identity, Credential and Access ManagementThreat No. 3: Hacked interfaces and APIs

Threat No. 4: Exploited system vulnerabilities

Threat No. 5: Account hijacking

#6 Cloud Security Concern: Malicious InsidersThreat No. 7: The APT parasite

#8 Cloud Security Concern: Permanent data lossThreat No. 9: Inadequate diligence

Threat No. 10: Cloud service abuses

Threat No. 11: DoS attacks

Threat No. 12: Shared technology, shared dangers

6 9/9/2016 © 2016 IBM


Why IBM and Box – The Security Perspective

Transform work for your industry by delivering the right information

to your people, customers and partners wherever they are

Reduce risk with best in-class security, compliance, and global

availability

Joint development activities to deliver new innovation for content

rich applications

1

2

3

7 9/9/2016 © 2016 IBM


Which basic security technology domains help the enterprise?

8 9/9/2016 © 2016 IBM


Web Security Gateways

AppScan

MobileFirst Protect (MaaS360)

QRadar SIEM

QRadar Vulnerability Manager

IBM X-Force Research

QRadar Risk Manager

QRadar Incident Forensics

QRadar Log Manager

zSecure

TrusteerMobile

TrusteerRapport

SiteProtector

Network Protection XGS

Key Lifecycle Manager

Guardium

Identity Manager

Access Manager Identity Governance and Intelligence

Privileged Identity Manager

BigFix

Trusteer Apex

Network

Advanced

Fraud

Data

Mobile

Applications

Endpoint

Identityand

Access

Security Intelligence

TrusteerPinpoint

ConsultingServices

ManagedServices

Mobile

Engagement is a critical aspect of security programs of work

Data

Applications

9 9/9/2016 © 2016 IBM


Identify your users, secure and retain identity controls

Access Management for user preferred authentication and Single Sign-on capability

On-premise employee or customer authentication scenarios

Identity governance and privileged identity management

Lifecycle management of your employees as they enter and leave the organization

#5 Mobile Security Concern: Poor Authorization and Authentication

#6 Cloud Security Concern: Malicious Insiders

10 9/9/2016 © 2016 IBM


Keep enterprise mobile content secure

Single console to control and manage all apps, including Box

Enforces policies to ensure data is secure based on a user’s role or device security posture

Pre-integrated with Box APIs

#8 Cloud Security Concern: Permanent data loss


#9 Mobile Security Concern: Improper Session Handling

11 9/9/2016 © 2016 IBM


Let’s see them in action

12 9/9/2016 © 2016 IBM


Securely understand and then deploy cloud services

Detect and track approved services while blocking shadow apps

Leverage standard Box protocols for single sign on (SSO) for seamless user experience

App catalog to connect users to approved cloud apps

MOBILE

BYOD

ON PREM

RISKY APPS

APPROVED APPS

EMPLOYEES

Identity and Access Control

Threat Prevention

Policy Enforcement

Discovery and Visibility

Cloud Event Correlation

DETECT PROTECTCONNECT

#2 Cloud Security Concern: Insufficient Identity, Credential and Access Management


Know what your users are doing both on premise and from the cloud

13 9/9/2016 © 2016 IBM


box and IBM Cloud Security Enforcer in action

• Connect Users with Enterprise Box instance, provide SSO, provide governance

16 9/9/2016 © 2016 IBM


Summary

• Employees expect the same engagement at work as in life

• Cloud and Mobile is helping enterprise achieve similar levels of engagement

• Threat actors are focusing efforts to exploit vulnerabilities in cloud and mobile services

• Enterprise collaboration can be enabled by applying identity and mobile security controls

• Standardizing on services such as Box for storage and help concentrate investment and therefore optimize spend

ibm future of work forum€¦ · approved cloud apps mobile byod on prem risky apps approved apps...

Documents