The company said this is the first technology to combine cloud identity management with the ability for companies to discover outside apps being accessed by their employees, including those they are using on their mobile devices.
IBM said its research found that employees are increasingly engaging in risky practices, such as signing in with their personal email addresses, using weak passwords, or re-using corporate log-in credentials. The increased use of mobile apps also carries a risk: nearly 40 percent of the mobile apps developed today aren’t properly secured before they hit the market.
IBM’s new technology is also designed to help enterprises to address a potentially significant security exposure, given that currently they have visibility into only a fraction of the apps used by their workers.
Cloud Security Enforcer can scan a corporate network, find the apps employees are using, and provide a more secure way to access them. IBM has partnership with Box, which offers users strengthened security when sharing files via mobile devices and the web.
With the new technology, IBM has built connectors for Cloud Security Enforcer into Box’s leading cloud-based content management and collaboration platform. IBM said it has also built security-rich connectors for other popular and common apps at work, including tools from Microsoft Office 365, Google Apps, Salesforce.com, and more.
Further, IBM said the Cloud Security Enforcer also features added security checks on the integrity and safety of apps being used by employees. These checks are done with the deep threat analytics from IBM X-Force, IBM’s global threat intelligence network.
IBM claimed that its new technology will help organizations to reduce the challenges of “Shadow IT and defend against malicious actors looking to prey on unsafe cloud app usage. Moreover, it is expected to help companies to realise the productivity and efficiency benefits of using cloud apps more securely.