​​IBM preps Watson to watch enterprise smartphones and IoT devices

IBM has rolled out its Watson cognitive capabilities to do battle with rival enterprise mobile device management (MDM) platforms.

According to IBM, you’d be constantly on the back foot using an MDM product without the machine learning powers of Watson now arriving as a feature of its MaaS360 MDM product called Advisor. The feature taps structured data, unstructured data, and offers context to security recommendations.

Advisor will watch devices on the network and produce alerts for new vulnerabilities in software and operating systems running on mobile devices and PCs. It will also suggest policies and deployment options, and guide IT management toward compliance rules that need tweaking for relevant regulations.

The Watson-aided service draws on unstructured data such as IBM’s X-Force Threat Intelligence to offer a run down of devices exposed to certain risks as well as an explanation and recommendations for plugging a potential vulnerability in the organization’s infrastructure. Structured data comes from information collected within MaaS360 customer environments, while recommendations are influenced by a company’s industry profile, user devices, platforms and apps that are widely used in the organization.

Integration with IBM’s threat intelligence data could help admins more swiftly respond to a newly discovered vulnerability in a mobile operating system, helping determine the scope of a vulnerability and how to implement the fix.

For example, Advisor would keep track of the latest iOS beta releases for iPhone and iPad devices, and offer a heads-up on when the final version is expected to be released. It would also identity the number of iOS devices on a network that contain known vulnerabilities and specific risks this might expose them to, such as a local attacker gaining elevated privileges on vulnerable devices.

The new feature incorporates natural language processing features to allow admins to ask questions like “Show new Android tablets” or “Show devices eligible for Windows 10 upgrade”. Advisor then performs an assistant role, helping admins to automate management of the devices.

IBM is also teaching Watson to understand MDM and Enterprise Mobile Management (EMM) concepts as device enrollment, identity management and compliance with regulatory requirements.

The end result it’s aiming for is a more comprehensive overview of devices and the network that fits the younger category of unified endpoint management (UEM), which accounts for employees using several devices at work, including phones, tablets, laptops and desktops. It even aspires to manage IoT devices and gateway products.

The Watson push on MDM and EMM broadens IBM’s push into cybersecurity operations centers, spearheaded by its QRadar Advisor with Watson. Similarly, it’s designed to uncover efforts to obfuscate malicious activity and analyze multiple sources of data to offer a clearer set of recommended actions to security operations centers.