IBM Gives China Access to Software Code

Uploaded on 2015-10-27 in INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News

IBM said it is giving the Chinese government access to some software code, seeking to demonstrate the security of its products as the company tries to expand its business in the country.

Beijing won’t receive client data or “back doors” into the technology, International Business Machines Corp. said recently in a statement. Technology providers including Microsoft Corp. have reached similar agreements in China, IBM said. Microsoft established a program with China in 2003, giving the government access to some Windows source code.
“Strict procedures are in place within these technology demonstration centers to ensure that no software source code is released, copied or altered in any way,” IBM said. “Those are applied rigorously regardless of country.”
 
Concerned about cybersecurity, China this year enacted security measures requiring foreign technology companies to show software code to the government. The purpose of the law is to prevent other parties from illegally accessing China’s systems and data through computer programs like viruses, said Ray Wang, principal analyst at Constellation Research.

Diversified Economy
China also has been making efforts to ease its dependence on manufacturing for economic growth and support domestic companies in other industries. President Xi Jinping laid out plans this year to accelerate the development of the country’s information technology industry. There’s an opportunity for companies such as IBM to increase their presence in the market as China figures out how to get established in these new sectors, Wang said.
“As everybody knows, there’s a tacit understanding that if you want to do business in China, you need to show them how this stuff works,” he said. For IBM, “the significance here is the first-mover advantage.”
By fulfilling the government’s requirements, IBM will also get access to foreign companies operating in China that may be more inclined to store their data on the company’s servers rather than those owned by Chinese businesses, said Daryl Plummer, chief of research at Gartner Inc.
“In order to grow globally, you have to do business in China, you have to be representative there,” Plummer said. Giving the government access to the code “seems to be a reasonable risk to take.”
IBM also reduces the risk that its intellectual property will be copied by granting the government access in a controlled environment on the company’s machinery, Wang said. IBM is probably revealing code for basic features, he said, rather than disclosing proprietary algorithms.

Reverse Engineering
“It’s more about the Chinese government being comfortable that source code won’t kill their government, though there’s definitely a little bit of: ‘Can we reverse engineer this?”’ Wang said in a phone interview. “For IBM to do this is a little ballsy.” Companies such as IBM that have closed-source, or proprietary, software typically maintain tight control of its underlying source code.

This is the first time IBM has given the Chinese government access to its software code, having previously shown some proprietary information on its chip technology, Wang said. IBM and other companies have had their intellectual property imitated before, he said, adding that software is more difficult to reproduce than hardware.
Info-Management: http://bit.ly/1Xt0coe

 

« China Still Hacking US Firms Despite Xi’s Vow
Who Is responsible For Security in the Cloud? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

Retail & Hospitality Information Sharing & Analysis Center (RH-ISAC)

Retail & Hospitality Information Sharing & Analysis Center (RH-ISAC)

Retail & Hospitality ISAC operates as a central hub for sharing sector-specific cyber security information and intelligence.

Lynxspring

Lynxspring

Lynxspring provides edge-to-enterprise solutions and IoT technology for intelligent buildings, energy management, equipment control and specialty machine-to-machine applications.

ExpressVPN

ExpressVPN

ExpressVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cloudrise

Cloudrise

Cloudrise are elevating cloud security, data protection, and privacy through assessment, technology enablement, and process automation.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

In-Q-Tel (IQT)

In-Q-Tel (IQT)

IQT is the non-profit strategic investor that accelerates the development and delivery of cutting-edge technologies to U.S. government agencies that keep our nation safe.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

Health Sector Cybersecurity Coordination Center (HC3)

Health Sector Cybersecurity Coordination Center (HC3)

HC3 was created by the US Department of Health and Human Services to aid in the protection of vital, controlled, healthcare-related information.

Tech Data

Tech Data

Tech Data, a TD Synnex company, is a leading global distributor and solutions aggregator for the IT ecosystem.