The BYOD trend remains as strong as ever according to IBM’s recent security study. Their research returned feedback indicating that over 30% of Fortune 1000 employees share and upload corporate data on third-party cloud apps, despite increasing awareness over the last few years of the risks of ‘shadow IT’.
The stubbornness and secrecy of Senate politician and presidential candidate Hilary Clinton in running dual public and private communications systems has certainly thrown the spotlight on cloud security risks – which affect the public sector as much as the private sector. This has been a trigger for IBM to launch their new Cloud Security Enforcer (“CSE”). Added to this, 25% of those surveyed link to cloud apps using a corporate log-in and password.
IBM’s new corporate protection device using their host IBM Cloud, aims to counter this by combining cloud identity management (“Identity-as-a-Service”), with the ability to discover any outside apps employees are using (including those on their mobile devices to make access more secure).
1. CSE enables detection of unauthorised cloud app usage, followed by secure configuration of the apps as well as managing, viewing and directing how employees can use them.
2. Can determine and enforce which data owned by an organisation can or cannot be shared by employees via specific third-party cloud apps.
3. Security-focused connectors can connect employees to third-party cloud apps which include automatically assigned sophisticated passwords to help alleviate security breaches from human error.
4. Finally CSE employs its global X-Force Exchange threat intelligence network to protect against employee-induced and cloud-based threats by analysing real-time threat data. These involve scans of the internet and analysis of more than 20 billion global security events daily as a safeguard.
With connectors into Box’s cloud-based content management; a collaboration platform with Microsoft Office 365, Google Apps, Salesforce.com + other popular enterprise software, IBM’s broad view on seeking to secure and manage the wilder risks from cloud to business should resonate in the marketplace, though as of yet the price point for Cloud Security Enforcer has yet to be published, but it is certainly indicating of intelligent packing for enterprise organisations. As long as users retain the freedom to use their personal devices without interference from their organisations and equally, that enterprise has the ability to securely ringfence company data, then the two can sit comfortably side by side and it’s a good package.
Following the building of its first datacentre in the US, as first announced in our blog of 10th November 2014, Chinese e-commerce company, Alibaba, has launched an Infrastructure as a Service (IaaS) cloud offering called Aliyun in the US. The company offers a range of IaaS cloud services including elastic compute, storage databases, content delivery, security and analytics products.
This is all part of a long term globalisation strategy to create data centres in Europe, Asia and the Middle East. In the fourth quarter of 2014 Aliyun reported revenues of $147 million. So far Alibaba has been targeting Chinese enterprises in the US, but confirmed it is setting its sights on America’s largest ecommerce company, Amazon and its cloud computing division Amazon Web Services in the longer term to attract US business. Alibaba’s cloud computing President, Simon Hu said, “We strongly believe our products and services can not only tap into demand from Chinese companies, but also serve overseas clients who run international businesses”. By building up relationships with US hosting partners in Silicon Valley in recent weeks, Alibaba has taken a real step closer to achieving its early goals by gaining this foothold in the States.
Both companies are dominant in their respective markets for ecommerce and IaaS and the race is on now as each targets the others core customer base. However, both companies face a significant challenge in overcoming the natural suspicions of each nation towards the other on the topic of security. Despite China being the world’s richest economy (having shipped US$1.623 trillion worth of goods around the globe in 2014, up by 48.5% since 2010), data control is a very different beast to sell in contrast to electronics, manufacturing and clothes.
Amazon along with Microsoft has sought to enter the Chinese cloud market, but legal regulations are making it difficult for both of them. Alibaba for its part, had to develop datacentres outside China, if it was to argue against accusations of interference and controls from the Chinese government. However, given the speed of its economy’s growth in the last decade there is clearly significant opportunity in the world market for Chinese businesses to use Alibaba.
China-based Forrester cloud analyst Frank Liu believes this niche position of Alibaba’s having a China-centric customer base (going global), could prove compelling as China’s economy continues to expand. This heritage may yet prove a difficult pill for US customers to swallow though. With only one week since the mass ‘cyber intrusion’ of 4 million US public sector workers (which security experts believe could only have originated from China or Russia), the thorny issue of trust within the data community will remain at the top of the agenda.