IBM said the company is looking to many of its existing tools, from the Tivoli management system to Cognos business intelligence software, to secure private and IBM-hosted hybrid clouds as customers migrate to these new computing setups.
Steve Robinson, general manager for IBM security solutions, told Network World during this week’s IBM Innovate Conference for software developers that enterprises using clouds should be able to establish means of authentication, provisioning of resources and de-provisioning of them in an automated way.
IBM’s Tivoli management platform is being updated for role-based controls in the cloud and will be out later this year.
“Identity management is a foundation piece,” Robinson said.
IBM’s research division is working on a real-time monitoring system in which it would be possible to correlate identity with any activity on the network, such as data access and download, to immediately determine security and policy violations.
“Could you detect an upset employee who comes in on a Saturday and walks out with 4GB of data?” Robinson asked, pointing out that IBM’s goal with the project is to have a way to detect, store and analyze every network activity in order to determine security and policy violations on a real-time basis.
This would be done by bringing together functionality in IBM’s InfoSphere Stream data analysis tool, IBM Cognos business intelligence and IBM SPSS, the predictive analytics software that can be used for fraud control. No timetable was announced for rollout.
Overall, IBM’s goal is to “build security into the fabric of the cloud” to overcome security concerns customers have about cloud computing in virtualized environments, said Harold Moss, IBM CTO for cloud security strategy, during a panel discussion at Innovate. “The cloud is potentially more secure” than traditional networks, he said.
While IBM is supporting encryption and ways to audit for compliance purposes, the company has also started investing in technology to keep track of virtual-machine images (IBM states it is “hypervisor-agnostic” in terms of the virtualisation platform used).
IBM has begun cataloging virtual-machine images held in its cloud on behalf of customers and has started to monitor the VMs to detect any unexpected movement across the network, said Scott Hebner, vice president of global marketing at IBM’s Tivoli division.