IBM Security WebinarIBM Cloud Security EnforcerJOHAN LARKSATERSECURITY SAAS EUROPE – IBM SECURITYJUNE 2016

2 IBM Security 2© 2016 IBM Corporation

What we will cover

• Introductions

• The cloud is here, ready or not

• Cloud Security Enforcer overview

• Cloud app visibility, Qradar integration, and mobile

• Secure connectivity and IDaaS

• Protection and policies

• Wrap up and Q & A

3 IBM Security 3© 2016 IBM Corporation

Today’s Featured Guest

Sean BrownOffering ManagerCloud Security

4 IBM Security 4© 2016 IBM Corporation

Cloud is here to stay, are you ready to move with the business?

EMPLOYEES IT OPERATIONS YOUR BUSINESS

Look for better ways to get their jobs done

Find cloud services quick and easy to use

Wants to save money and reduce complexity

Wants to automate and consolidate IT

Loses visibility and control over IT

New risk requires new safeguards

5 IBM Security

Security and IT leaders face new challenges

CISO / CIO:

Uncover “Shadow IT” Gain visibility of all cloud app usage Simplify connecting to approved apps Remove mobile blind spots

Stop risky user behavior Quickly react to cloud threats Address compliance

and governance concerns

How does my organization?

“My team is not equipped to manage the increased employee usage

and demand for cloud”

6 IBM Security

IBM Cloud Security Enforcer

PROTECTAgainst cloud-related threats

CONNECTUsers to approved cloud apps

DETECTUsage of cloud apps and actions

7 IBM Security

A new SaaS solution to help securely deploy cloud services

Identity and Access Control

Threat Prevention

Policy Enforcement

Discovery and Visibility

Cloud Event Correlation

DETECT CONNECT PROTECT

MOBILE

BYOD

ON PREM

RISKY APPS

APPROVED APPS

EMPLOYEES

8 IBM Security 8© 2016 IBM Corporation

DETECTApp usage and user activity

9 IBM Security 9© 2016 IBM Corporation

Discover thousands of cloud apps View analytics and risk reports Chart progress over time

DETECT APPROVED / SHADOW APPS

10 IBM Security 10© 2016 IBM Corporation

Correlate cloud activity to employees Identify suspicious activities and trends See and respond to priority alerts

DETECT DETAILED USER ACTIVITY

11 IBM Security 11© 2016 IBM Corporation

IBM Cloud Security Enforcer QRadar Connector

• IBM Cloud Security Enforcer QRadar Connector offers SOC operators a view of the top offense, user, and application data from IBM Cloud Security Enforcer within QRadar itself, thus providing a streamlined view of security in one pane of glass.

• The application is configured via an admin plugin where the user can specify the hostname of the Cloud Security Enforcer assigned to them.

• From this point dashboard widgets are provided to view current day offense, user, and application data.

12 IBM Security 12© 2016 IBM Corporation

Visibility of high risk users and cloud applications Covers the “Mobile Blind Spot” that most SIEM tools miss Behavioral analysis for mobile users with alerting

Enhances QRadar with:

13 IBM Security 13© 2016 IBM Corporation

DemoIBM Cloud Security Enforcer QRadar Connector

14 IBM Security 14© 2016 IBM Corporation

IBM Cloud Security Enforcer – Discovery

Cloud, SaaS, & Private Apps

SecureGateway

. . .(plus many more)

Discovery

EnterpriseEmployees

Microsoft Active Directory

EventCollection

IDBridge

DirectorySync

15 IBM Security 15© 2016 IBM Corporation

IBM Cloud Security Enforcer – Mobile Protection

Home WiFi /Cellular DataNetwork

Cloud, SaaS, & Private Apps

. . .(plus many more)

Mobile ProtectionClient

Gateway(VPN/Proxy)

Traffic Inspection

<<Fl

ow d

ata

16 IBM Security 16© 2016 IBM Corporation

CONNECTUsers to approved cloud apps

17 IBM Security 17© 2016 IBM Corporation

September 30, 2015

GitHub Connecter

GitHub Connecter for NA Dev Team

On/Off toggles for cloud access Correct out of policy application usage

CONNECT THE BUSINESS TO APPROVED APPS, DISABLE OTHERS

18 IBM Security 18© 2016 IBM Corporation

Display approved app catalog Enable self-onboarding Find and use apps faster

CONNECT USERS TO CLOUD APPS

19 IBM Security 19© 2016 IBM Corporation

IBM Cloud Security Enforcer – Single Sign-On & Launchpad

Microsoft Active Directory

Cloud, SaaS, & Private Apps

SecureGateway

. . .(plus many more)

EventCollection

IDBridge

DirectorySync

SSO [Service Provider] Launchpad

& Catalog

SSO [Identity Provider]

EnterpriseEmployees

20 IBM Security 20© 2016 IBM Corporation

ProtectAgainst cloud-related threats

21 IBM Security 21© 2016 IBM Corporation

Understand cloud app reputation Prioritize apps based on past threats Limit interaction with unsafe apps

PROTECT AGAINST RISKY APPS

22 IBM Security 22© 2016 IBM Corporation

Establish user risk ratings Address “rogue” cloud app usage User risk score calculated by aggregate usage Send alerts when there’s risky behavior

PROTECT AGAINST RISKY BEHAVIOR

24 IBM Security

Key takeaways

First solution to combine cloud discovery, identity & access, and threat prevention

Focused on securely enabling the business for cloud apps

Protects against cloud threats using IBM’s network of threat intelligence

123

ibm.com/security/cloud-enforcer

25 IBM Security 25© 2016 IBM Corporation

130+countries where IBM delivers

managed security services

25 industry analyst reports rankIBM Security as a LEADER

No. 1 enterprise security software vendor in total revenue

12K+ clients protected

90% of the Fortune 100 companies

Visit our web page ibm.com/security/

Watch our videosIBM Security YouTube Channel

View upcoming webinars & blogssecurityintelligence.com

Follow us on Twitter@ibmsecurity

Join IBM X-Force Exchangexforce.ibmcloud.com

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective.

IBM DOES NOT WARRANT THAT ANYSYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

FOLLOW US ON:

THANK YOU