IBM Introduces Security Services to Protect Cloud Environments
IBM unveiled a series of new security products and services for customers struggling with cloud security planning and management on Oct. 20.
IT managers have a multitude of security and privacy concerns about moving their data to the cloud, said Jason Hilling, portfolio manager for the Managed and Cloud Security Service group at IBM Global Technology Services. These security concerns may deter companies from taking advantage of the performance benefits of cloud computing, he said.
In a 2010 Global IT Risk survey by IBM's Institute for Business Value, 77 percent of respondents said adopting cloud computing makes protecting privacy more difficult. About half were concerned about potential data breaches, and almost a quarter of the surveyed managers were worried about weak network security, according to the survey.
The study surveyed over 600 IT managers and senior executives across multiple industries and regions, in North America, Europe, Asia-Pacific, the Middle East, Latin American and Africa to understand how enterprises are managing IT risks. While respondents generally were confident about their risk compliance and management efforts, they identified security in the cloud as a big problem area.
Hilling described a two-pronged approach emphasizing proper security planning and putting security tools in the cloud instead of dealing with each individual endpoint. The security tools include the rather awkwardly-named IBM Managed Security Services Hosted Security Event and Log Management and the scanning service IBM Managed Security Services Hosted Vulnerability Management. Hilling also said IBM's security consulting services help organizations with security planning by creating a roadmap, performing an assessment, and identifying application security needs.
Data security doesn't mean the same thing to everyone, Hilling said. Service providers and users consider security measures that make sense for their business, such as the kind of work being performed and the processes that are in place. Organizations with collaboration tools and e-mail in the cloud should focus on access and policy controls, but healthcare systems should think about data isolation and encryption, the company said.
The Security incident and event management tool moves to the cloud via the IBM Managed Security Services Hosted Security Event and Log Management tool. This enhanced offering consolidates the security event and log data of all the operating systems, applications and infrastructure equipment into a single location for IT managers to assess and respond to real-time and historical traffic. Organizations can also outsource these tasks to IBM's Security Operation Centers, the company said.
IBM Managed Security Services Hosted Vulnerability Management is a network-based vulnerability assessment tool. It assesses network infrastructure and servers for potential application and operating system vulnerabilities, and scans for Web and database vulnerabilities.
IBM Security Virtual Server Protection for VMware integrates "introspection monitoring," said Hilling, where a virtual doorman scans all traffic outside the virtual machine to detect potential malware attacks, and the operating system inside to confirm it is running properly. The protection checks whether any malicious code is running, such as root-kits, said Hilling. As this is tied to the hypervisor and protects the virtual machines from the ground up, this is available only for VMware hypervisors, said Hilling. The virtual doorman hooks into the security APIs available with VMware vSphere 4, according to Hilling. IBM is exploring adding other hypervisor support, he said.
The IBM Watson and Zurich research laboratories are working on security projects that enable enhanced data integrity, recovery, privacy, and customer isolation in a public cloud environment. While not available as an off-the-shelf product, IBM recently deployed these enhanced services within its own environments, into the IBM Smart Business Test and Development cloud, Hilling said.
The projects provide "infrastructure hardening," or stronger isolation between different workloads, said IBM. Verifying the integrity and correct configuration of each component prevents low-level attacks such as spoofing, IBM said.
IBM is committed to showing that "the cloud can be a completely secure environment, provided the right measures are in place," said Hilling.