IBM Gives China Access to Software Code

Uploaded on 2015-10-27 in INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

IBM said it is giving the Chinese government access to some software code, seeking to demonstrate the security of its products as the company tries to expand its business in the country.

Beijing won’t receive client data or “back doors” into the technology, International Business Machines Corp. said recently in a statement. Technology providers including Microsoft Corp. have reached similar agreements in China, IBM said. Microsoft established a program with China in 2003, giving the government access to some Windows source code.
“Strict procedures are in place within these technology demonstration centers to ensure that no software source code is released, copied or altered in any way,” IBM said. “Those are applied rigorously regardless of country.”
 
Concerned about cybersecurity, China this year enacted security measures requiring foreign technology companies to show software code to the government. The purpose of the law is to prevent other parties from illegally accessing China’s systems and data through computer programs like viruses, said Ray Wang, principal analyst at Constellation Research.

Diversified Economy
China also has been making efforts to ease its dependence on manufacturing for economic growth and support domestic companies in other industries. President Xi Jinping laid out plans this year to accelerate the development of the country’s information technology industry. There’s an opportunity for companies such as IBM to increase their presence in the market as China figures out how to get established in these new sectors, Wang said.
“As everybody knows, there’s a tacit understanding that if you want to do business in China, you need to show them how this stuff works,” he said. For IBM, “the significance here is the first-mover advantage.”
By fulfilling the government’s requirements, IBM will also get access to foreign companies operating in China that may be more inclined to store their data on the company’s servers rather than those owned by Chinese businesses, said Daryl Plummer, chief of research at Gartner Inc.
“In order to grow globally, you have to do business in China, you have to be representative there,” Plummer said. Giving the government access to the code “seems to be a reasonable risk to take.”
IBM also reduces the risk that its intellectual property will be copied by granting the government access in a controlled environment on the company’s machinery, Wang said. IBM is probably revealing code for basic features, he said, rather than disclosing proprietary algorithms.

Reverse Engineering
“It’s more about the Chinese government being comfortable that source code won’t kill their government, though there’s definitely a little bit of: ‘Can we reverse engineer this?”’ Wang said in a phone interview. “For IBM to do this is a little ballsy.” Companies such as IBM that have closed-source, or proprietary, software typically maintain tight control of its underlying source code.

This is the first time IBM has given the Chinese government access to its software code, having previously shown some proprietary information on its chip technology, Wang said. IBM and other companies have had their intellectual property imitated before, he said, adding that software is more difficult to reproduce than hardware.
Info-Management: http://bit.ly/1Xt0coe

 

« China Still Hacking US Firms Despite Xi’s Vow
Who Is responsible For Security in the Cloud? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

OPSWAT

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure.

Schneider Electric

Schneider Electric

Schneider Electric develops connected technologies and solutions to manage energy and process in ways that are safe, reliable and sustainable.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Haystax Technology

Haystax Technology

Haystax’s security analytics platform applies artificial intelligence techniques to identify and prioritize threats in real time.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

GajShield

GajShield

GajShield Infotech provides Data Security Firewall solutions to Corporate’s and Government agencies.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.