IBM tackles 'shadow IT' with a new cloud security tool for enterprises

If there's one thing that can strike terror into a CIO's heart, it's the security implications of the cloud; if there's another, it's the "bring your own" technology trend. Combine the two, and you've got the motivation behind IBM's new Cloud Security Enforcer.

Thanks to having set up used a private email server while U.S. Secretary of State, Hillary Clinton has become a poster child for "shadow IT," or the phenomenon by which employees bring their own technologies into the workplace, but there's no denying its prevalence. One-third of Fortune 1000 employees share and upload corporate data on third-party cloud apps, according to a recent IBM Security study. One in four link to cloud apps using a corporate log-in and password.

Announced Tuesday, Cloud Security Enforcer aims to help companies safeguard the increasing use of “bring your own” cloud-based apps at work. It combines cloud identity management, also known as Identity-as-a-Service, with the ability to discover any outside apps employees are using, including those on their mobile devices. Equipped with those combined capabilities, it enables companies to make access more secure, IBM said.

Hosted on IBM Cloud, the tool can scan a corporate network, find the apps employees are using and provide a more secure way to access them. Four core capabilities help make that happen.

First, companies can detect unauthorized cloud app usage, enabling them to identify and securely configure the apps that employees want to use as well as manage, view and direct how employees can use them.

Cloud Security Enforcer can also be used to determine and enforce which data owned by an organization can or cannot be shared by employees via specific third-party cloud apps.

The tool can connect employees to third-party cloud apps through security-focused connectors, including automatically assigning sophisticated passwords. That, in turn, can help alleviate security breaches caused by human error, IBM said.

Finally, Cloud Security Enforcer can also help protect against employee-induced and cloud-based threats by analyzing real-time threat data from IBM’s global X-Force Exchange threat intelligence network, which scans the Internet and analyzes more than 20 billion global security events daily.

IBM has built connectors for Cloud Security Enforcer into Box’s cloud-based content management and collaboration platform as well as Microsoft Office 365, Google Apps, Salesforce.com and other popular enterprise software. Pricing information was not immediately available.