Boosting security in the cloud with SaaS

Share this post:

IT security threats can be daily, and can come from anywhere, through any application. As IT and business leaders look at implementing Software as a Service (SaaS) applications, a key consideration is the security of putting data in the cloud.

As the Chief Information Security Officer of IBM’s cloud business, I can tell you that they are not alone. Over 80% of us say the challenge posed by external security threats has increased in the last three years with nearly daily leaks of sensitive data.Consider this fact: Mobile malware is impacting 11.6 million devices. This means security professionals are more accountable than ever before — especially with trends with more employees requiring greater accessibility to their work wherever they are – on any device they chose.

As new technologies pose new risks and traditional security practices aren’t sustainable — it’s important that SaaS applications rise to the challenge.

Meeting new security and privacy standards

At IBM, we’ve committed to ensuring that we embed privacy and security throughout over 150 SaaS applications — as well as throughout our cloud itself. Our SaaS offerings are designed to be ISO 27002 compliant, and ISO 27001 certification for SaaS offerings is in process through 2Q2016.

We’ve established leadership on new standards such as ISO 20243 — and we’ve gone beyond our competition to support privacy requirements by standardizing on our global SoftLayer platform. This hosting infrastructure is used by the majority of SaaS offerings and is ISO 27018 compliant.

But today’s standardized level of control may be irrelevant tomorrow — because in today’s landscape, threats are constantly changing. Here at IBM, we constantly examine new threat levels and review our controls. We’ve prided ourselves in being a practice leader in all areas of cyber-security and data protection — and have what we call “adaptive” controls. This is our commitment to our own internal security as well to our clients.

Learn from security experts

Interconnect, IBM’s premier cloud and mobile conference, takes place February 21-25 at Mandalay Bay in Las Vegas. Check out this session preview tool to find out how you can learn from the experts on the benefits of moving to cloud. Don’t miss our security panel discussion taking place as part of the Cloud Business Applications track to demonstrate further how SaaS applications are designed to be an important part of staying secure in the cloud.

David Cass (@dcass001) is IBM’s Vice President of Cloud and CISO of SaaS.

IBM Cloud

More Security stories

French insurer teams with IBM Services to develop fraud detection solution

Auto insurance fraud costs companies billions of dollars every year. Those losses trickle down to policyholders who absorb some of that risk in policy rate increases. Thélem assurances, a French property and casualty insurer whose motto is “Thélem innovates for you”, has launched an artificial intelligence program, prioritizing a fraud detection use case as its […]

Continue reading

Cloud innovation in real estate: Apleona and IBM rely on new technologies

Digitization does not stop at the proverbial concrete gold — real estate. In fact, the real estate industry is on the move. Companies are realizing the benefits of digital transformation and are capitalizing on the power of new technologies such as cloud, AI and blockchain. Take, for example, Apleona GmbH, one of Europe’s largest real […]

Continue reading

Innovate with Enterprise Design Thinking in the IBM Garage

We’ve all been there. You have an amazing idea that’s really exciting. Maybe it’s a home improvement project, or perhaps it’s a new business idea. You think about all the details required to make it real. But, once you get to the seventh action item, you’re not so excited anymore. Sometimes when we realize the […]

Continue reading