IBM Helps Customers Adopt a Zero Trust Approach to Security

By Ibm7 days ago

CAMBRIDGE, Mass., May 5, 2021 /PRNewswire/ --IBM (NYSE: IBM) Security today introduced a new Software as a Service (SaaS) version of IBM Cloud Pak for Security, designed to simplify how organizations deploy a zero trust architecture across the enterprise. The company also announced an alliance partnership with leading cloud and network security provider, Zscaler,and new blueprints for common zero trust use cases.

For security professionals, zero trust is a framework for modernizing their overall security programs and helps them adapt to the risks emerging from their changing business environment. In fact, a recent ESG study found that 45 percent of organizations who were more mature in their zero trust strategies had a very smooth transition to employees working from home, as compared to only 8 percent of those that were the least mature1.


With a mobile workforce and data residing everywhere, the Internet has become our primary network, said Mauricio Guerra, CISO for The Dow Chemical Company who will participate in IBM Think on May 11. Embracing a zero trust architecture enables us to add new capabilities and strengthen security. Working with partners like IBM Security and Zscaler can help us provide users with secure remote access to all of our locations, as well as access to applications wherever and however they are hosted.

The new IBM Security zero trust blueprints offer a framework for building a security program designed by applying the core principles of zero trust: least privilege access; never trust, always verify; and assume breach. These blueprints can offer companies a prescriptive roadmap of security capabilities along with guidance on how to integrate them as part of a zero trust architecture. The capability and guidance for these blueprints were developed from real customer engagements to help organizations plan their zero trust journey and investments with a pragmatic approach that better aligns security and business objectives.

The IBM Security zero trust blueprints help address the following business initiatives:

  • Preserve customer privacy:The capabilities and integrations in this privacy blueprint tie together the security and compliance capabilities that help organizations protect the integrity of customer data and manage privacy regulations. Using this blueprint, organizations can enforce limited and conditional access to all data and help reduce exposure in the event of compromise. This connection will help generate insights into data usage and privacy risk, and enforce policies to keep data usage aligned with its purpose. This approach helps organizations detect and respond efficiently to risk and compliance issues with automated remediation processes that use multiple tools including the latest version of IBM Cloud Pak for Security, which now includes a more extensive set of data security capabilities from IBM Security Guardium.
  • Secure the hybrid and remote workforce: With the hybrid workforce blueprint, organizations can build a workforce that can securely connect to any application on any network, from any location using any device. As part of this solution, IBM is announcing an alliance partnership with Zscaler to help organizations connect users to applications seamlessly and securely. IBM Security Services combines the technology of Zscaler and the expertise of IBM to help clients adopt an end-to-end secure access service edge (SASE) approach. Additionally, the integration of Zscaler Private Access TMand Zscaler Internet Access TMwith core technologies from IBM Security, such as IBM Security Verify, can help provide the foundation of a zero trust architecture.
  • Reduce the risk of insider threat:With the insider threat blueprint, organizations can proactively manage insider threats from every vector, helping to strengthen resiliency and limit business disruption. The integrated capabilities outlined in this blueprint are designed to detect user behavior anomalies, adaptively enforce security policies with automation, and insulate your most valuable data. New mobile threat detections from IBM Security MaaS360 with Watson power enhanced user behavior analytics delivered as a part of IBM Cloud Pak for Security.
  • Protect the hybrid cloud: The hybrid cloud blueprint can help organizations modernize their security program with visibility and control over the most sensitive data and activities as they migrate to the cloud. The capabilities included in this blueprint are designed to enable continuous compliance, reporting and response, while monitoring for cloud misconfigurations and building consistent enforcement of security policy across all cloud workloads. As part of this blueprint, customers can choose to purchase IBM Security Services for Cloud which offers an open, automated approach to help simplify hybrid cloud security. This solution brings together cloud-agnostic security expertise together with an integrated set of cloud, proprietary and third-party technology solutions.

Continue read on