LAS VEGAS – Amid all the talk, videos and live demos at IBM Think 2018 around artificial intelligence, quantum computing and dozens of other cool technologies, the host company also spent some quality time on good, old-fashioned security.
IBM on March 20 unveiled four new cloud services for mainframe-level data protection—solutions already trusted by the world's largest financial institutions and banks—for implementation in the IBM Cloud. These include what IBM claims is the first cloud hardware security module solution built with the industry's highest cryptographic standards (FIPS 140-2 Level 4 certified technology) offered by a public cloud provider.
With these new services, IBM aims to simplify how enterprises can securely bridge to the public cloud by helping to address their needs throughout the journey, from accelerating the migration of existing workloads to the cloud to modernizing and extending existing apps to delivering tools to build next-gen cloud native apps.
Cloud Services with Mainframe-Level Data Protection
Cloud adoption has been increasing at a rapid pace for several years, but security and data concerns still remain barriers to adoption. Check out these facts:
- According to a recent study from the Ponemon Institute, only 40 percent of all data stored in the cloud is secured with encryption and key management solutions. According to the Breach Level Index, of the nearly 10 billion records breached since 2013, only 4 percent of the stolen data was encrypted and therefore rendered useless to the hackers;
- A second Ponemon Institute survey pointed out that in security of privileged users, 80 percent of threats are internal, and 58 percent of IT operations and security managers believe their organizations are unnecessarily granting access to individuals beyond their roles and responsibilities.
The new IBM Cloud Hyper Protect product line includes four new services that are made possible by bringing IBM Z into IBM’s global public cloud data centers. Through the IBM Cloud catalog, developers can gain easy access to industry-leading security capabilities to modernize their applications in the IBM Cloud. This includes:
- IBM Cloud Hyper Protect Crypto Services are designed to enable developers to infuse security with data encryption and key management capabilities into their modern applications. These new services bring the capability of IBM Z to the IBM Cloud through the same state-of-the-art cryptographic technology relied upon by leading banks and financial institutions. This service supports secure key operations and random number generation via IBM Z cryptographic hardware. This is the industry’s first and only Cloud HSM Solution built with FIPS 140-2 Level 4 certified technology offered by a public cloud provider, and is the same technology that is the backbone of IBM’s Enterprise Blockchain Platform solution.
- IBM Cloud Hyper Protect DBaaS is designed to enable enterprises to protect cloud-native database services, such as MongoDB – EE, with data stores that are security-rich and private. This is ideal for highly regulated industries that are responsible for sensitive personal data (SPI) such as credit card numbers, financial data, social security numbers and more.
- IBM Cloud Hyper Protect Containers are designed to enable enterprises to deploy container-based applications and microservices, supported through the IBM Cloud Container service, that handle sensitive data with a security-rich Service Container Systems environment in IBM Z/LinuxOne platform. This environment is built with IBM LinuxONE Systems that offer extreme security, designed for EAL5+ isolation and Secure Services Containers technology that are designed to prevent privileged access from malicious users and Cloud Admins.
- IBM Cloud Hyper Protect Developer Starter Kits are designed to enable iOS developers to safeguard credentials, services and data using the Hyper Protect cloud services when building enterprise apps on IBM Cloud. This complements the high level of security of Apple devices.
For more information, go here.