The Channel logo


By | Paul Kunert 22nd September 2015 15:33

IBM: Listen up, we're the sheriffs of this leaky external app town

Gonna shoot down those Bring Your Own Cloud apps vulns

IBM is finally waking up to the potential threat that employees’ Bring Your Own Cloud-based apps pose for corporate enterprises, prompting it to roll out a security service.

The Cloud Security Enforcer includes ID management-as-a-service and scans the corporate network to discover external apps that workers are using, then seeks to secure the access, Big Blue said.

The problems tend to arise when staffers jump into Google Docs, Dropbox or Box to share documents with each other.

“By using these third party cloud applications, organisations cannot see, manage or secure the information employees are sharing outside of company policy,” said Andy Lane, programme director at IBM Security.

A study commissioned by IBM Security showed one in three Fortune 1000 employees regularly saves and shares data on external clouds that can’t be tracked, a trend that is only going to grow.

One in four workers also link the apps to their corporate log-in and password, potentially creating “vast loopholes” that hackers can use to get into the corporate network.

“Whether it’s allowed by their employer or not, they’re still going to use outside tools, and upload company data to them. Instead of fighting this activity, companies would be wise to look for ways to give their employees secure access to cloud apps,” said Lane.

An analyst pointed out Dropbox, Box, Microsoft and Google introduced “business variants” of their consumer doc sharing clouds a number of years ago to head off the potential security problem.

“We are seeing more use of these enterprise-friendly alternatives,” he said. Educating users on a safe use of clouds is a more useful way of tackling the problem.

Blocking technologies, as he described Cloud Security Enforcer, “only gets you so far because users will always find a way around such measures". ®

comment icon Read 1 comment on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe