IBM Gives China Access to Software Code

Uploaded on 2015-10-27 in INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

IBM said it is giving the Chinese government access to some software code, seeking to demonstrate the security of its products as the company tries to expand its business in the country.

Beijing won’t receive client data or “back doors” into the technology, International Business Machines Corp. said recently in a statement. Technology providers including Microsoft Corp. have reached similar agreements in China, IBM said. Microsoft established a program with China in 2003, giving the government access to some Windows source code.
“Strict procedures are in place within these technology demonstration centers to ensure that no software source code is released, copied or altered in any way,” IBM said. “Those are applied rigorously regardless of country.”
 
Concerned about cybersecurity, China this year enacted security measures requiring foreign technology companies to show software code to the government. The purpose of the law is to prevent other parties from illegally accessing China’s systems and data through computer programs like viruses, said Ray Wang, principal analyst at Constellation Research.

Diversified Economy
China also has been making efforts to ease its dependence on manufacturing for economic growth and support domestic companies in other industries. President Xi Jinping laid out plans this year to accelerate the development of the country’s information technology industry. There’s an opportunity for companies such as IBM to increase their presence in the market as China figures out how to get established in these new sectors, Wang said.
“As everybody knows, there’s a tacit understanding that if you want to do business in China, you need to show them how this stuff works,” he said. For IBM, “the significance here is the first-mover advantage.”
By fulfilling the government’s requirements, IBM will also get access to foreign companies operating in China that may be more inclined to store their data on the company’s servers rather than those owned by Chinese businesses, said Daryl Plummer, chief of research at Gartner Inc.
“In order to grow globally, you have to do business in China, you have to be representative there,” Plummer said. Giving the government access to the code “seems to be a reasonable risk to take.”
IBM also reduces the risk that its intellectual property will be copied by granting the government access in a controlled environment on the company’s machinery, Wang said. IBM is probably revealing code for basic features, he said, rather than disclosing proprietary algorithms.

Reverse Engineering
“It’s more about the Chinese government being comfortable that source code won’t kill their government, though there’s definitely a little bit of: ‘Can we reverse engineer this?”’ Wang said in a phone interview. “For IBM to do this is a little ballsy.” Companies such as IBM that have closed-source, or proprietary, software typically maintain tight control of its underlying source code.

This is the first time IBM has given the Chinese government access to its software code, having previously shown some proprietary information on its chip technology, Wang said. IBM and other companies have had their intellectual property imitated before, he said, adding that software is more difficult to reproduce than hardware.
Info-Management: http://bit.ly/1Xt0coe

 

« China Still Hacking US Firms Despite Xi’s Vow
Who Is responsible For Security in the Cloud? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Steptoe & Johnson

Steptoe & Johnson

Steptoe is an international law firm with offices in the USA, Europe and China. Practice areas include Cybersecurity, Privacy & National Security.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Fortress Group

Fortress Group

Fortress is specialized in confidential and discrete recruitment solutions and temporary staffing in the field of security and risk management.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

Artifice Security

Artifice Security

Artifice Security will demonstrate real-world attacks on your network, web applications, infrastructure, and personnel to expose your hidden security risks.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

RubinBrown

RubinBrown

RubinBrown LLP is a leading accounting and professional consulting firm. The RubinBrown name and reputation are synonymous with experience, integrity and value.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.

DigitalPlatforms

DigitalPlatforms

DigitalPlatforms SpA is an Italian group with the mission of providing end-to-end solutions and Internet of Things and Cyber technologies to companies that manage critical infrastructures.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

NewEvol

NewEvol

Don’t React, Evolve! Outsmart threats with real-time AI-powered dynamic defense capability of NewEvol all-in-one cybersecurity platform.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.