IBM boosts security portfolio

IBM Corp.’s move into security has been long and short: The company has had security products for years, but only set up a security division recently.

As if to make up for lost time, the company has made what it says is its biggest software release since the unit was set up, with new products or enhancements of existing products to improve cloud, mobility and big data protection.

“IBM made a very large strategic decision to make a security division within the software group at the beginning of this year,” Kevin Skapinetz, the company’s program director for security strategy, said in an interview.

“We acquired Q1 Labs and we had a number of other security capabilities within IBM and we decided to build a security division with one voice out to the CISO (chief information/security officer) to try and tackle these very high level problems. We’re not interested in point solutions.

“Our strategy is around tackling some of these megatrends around cloud and mobile and data security and we thought there’s not better way than to bring together a lot of our new capabilities.”
RELATED CONTENT

The announcements include

For mobile protection, new to the lineup is IBM Security Access Manager for Cloud and Mobile, which lets IT administrators create risk-based scoring of mobile devices that access corporate networks.

It also allows developers using IBM’s Worklight mobile application development platform to use the application programming interfaces (APIs) in Access Manager) for authentication when creating apps.

On the cloud side, Security Access Manager for Cloud and Mobile allows federated single-sign on for different cloud services providers. This allows IT departments easier provisioning for mobile users, who can use the same identities within or outside the organization across different cloud providers, also the single sign-on leverages access control for third party clouds.

Finally, the existing IBM Endpoint Manager for Mobile Devices has added adding additional enrolment capabilities to help with BYOD and new device configuration baselines to help policy management.

For cloud protection, joining Security Access Manager is Smart Cloud for Patch Management, an integration of two existing products: End Point Manager for Patch Management, which has patch management capabilities, and Smart Cloud Provisioning, which allows customers to provision virtual machine workloads to the cloud (set VMs up, making sure they are deployed to the appropriate resources).

 “You can now have out of the box patch management with your provisioning process,” Skapinetz said, “which can help apply patches as they’re being shipped to cloud workloads.

Related to cloud security is an enhancement for IBM Security zSecure, which gives mainframe customers on zOS and zLinux improved security awareness and automated auditing capabilities. That is achieved by integrating zSecure with IBM’s QRadar solution, which gives real-time alerts.

For data security, IBM InfoSphere Guardium v.9 offers a version with real-time monitoring and automated compliance reporting for unstructured Hadoop-based data systems such as InfoSphere BigInsights and Cloudera.

In addition, to help protect data InfoSphere Optim Data Privacy now has the ability to strip sensitive data of personal information. Skapinetz said it will be useful for when IT departments need real data for testing apps without violating corporate security policies, or when an organization needs to share data with partners where confidential data can’t be released.