IBM simplifies zero trust approach to security
IBM Security has introduced a new Software as a Service (SaaS) version of IBM Cloud Pak for Security, designed to simplify how organisations deploy a zero trust architecture across the enterprise. The company also announced an alliance partnership with leading cloud and network security provider, Zscaler, and new blueprints for common zero trust use cases.
The COVID-19 pandemic has meant a huge shift to remote working, with businesses having to change the way they work and how they deal with their data, ensuring it is secure. A recent ESG study found that 45% of organisations who were more mature in their zero trust strategies had a very smooth transition to employees working from home, as compared to only 8% of those that were the least mature.
"With a mobile workforce and data residing everywhere, the Internet has become our primary network," said Mauricio Guerra, CISO for The Dow Chemical Company. "Embracing a zero trust architecture enables us to add new capabilities and strengthen security. Working with partners like IBM Security and Zscaler can help us provide users with secure remote access to all of our locations, as well as access to applications wherever and however they are hosted."
The new IBM Security zero trust blueprints offer a framework for building a security program designed by applying the core principles of zero trust: least privilege access; never trust, always verify; and assume breach. These blueprints can offer companies a prescriptive roadmap of security capabilities along with guidance on how to integrate them as part of a zero trust architecture.
The IBM Security zero trust blueprints help address the following business initiatives:
- Preserve customer privacy: The capabilities and integrations in this privacy blueprint tie together the security and compliance capabilities that help organisations protect the integrity of customer data and manage privacy regulations. Using this blueprint, organisations can enforce limited and conditional access to all data and help reduce exposure in the event of a compromise.
- Secure the hybrid and remote workforce: With the hybrid workforce blueprint, organisations can build a workforce that can securely connect to any application on any network, from any location using any device.
- Reduce the risk of insider threat: With the insider threat blueprint, organisations can proactively manage insider threats from every vector, helping to strengthen resiliency and limit business disruption. The integrated capabilities outlined in this blueprint are designed to detect user behavior anomalies, adaptively enforce security policies with automation, and insulate your most valuable data.
- Protect the hybrid cloud: The hybrid cloud blueprint can help organisations modernise their security program with visibility and control over the most sensitive data and activities as they migrate to the cloud. The capabilities included in this blueprint are designed to enable continuous compliance, reporting, and response while monitoring for cloud misconfigurations and building consistent enforcement of security policy across all cloud workloads.
"The only way to truly secure today's digital businesses is to adopt a zero trust security model where validated user identity is combined with business policies for direct access to authorized applications and resources. Our alliance partnership with IBM Security, as part of the Zscaler Zero Trust Ecosystem, is helping organisations and their employees fully embrace working from anywhere while protecting enterprise data." said Jay Chaudhry, Chairman, CEO, and Founder of Zscaler.