Today is an exciting day in the world of the hybrid cloud and we are excited to be an integral part of it. IBM, with the earlier adoption of Intel TXT in their SoftLayer bare metal cloud offering, showed clearly that they were looking toward the future by enabling an unbroken line of trust all the way down to the CPU. This enabled Data Sovereignty and Data Geofencing as a service (remember all the chaos around Safe Harbor and later Brexit?) – disruptive solutions that nobody else was doing in the public cloud.
Back to today, with IBM’s announcement of an expansion of their partnership with VMware. This is going to bring the power of VMware’s Cloud Foundation to the IBM Cloud – meaning that sophisticated SDDC environments, including vSphere, NSX and more, can now be spun up in minutes not months, making it far easier to bridge the gap between public cloud and enterprise data center. Again, forward looking on both technical and customer facing, business fronts. More companies are now going to be able to do more things with the cloud more quickly and painlessly than ever before. Cloud disrupted.
These are all good things and all things you could have (and probably did) hear about elsewhere.
Now for what you probably didn’t know – HyTrust’s workload security platform is the glue that helps hold the whole thing together. In fact, to quote Intel, The Road to a Secure, Compliant Cloud Begins with HyTrust.
IBM partnered with HyTrust to enhance their cloud offerings, beginning with VMware As A Service. IBM has turned to HyTrust because our workload security solutions enable IBM to deliver levels of workload security and compliance automation that its competitors find difficult to match. One of those unique capabilities is the implementation of hardware-assisted data geofencing or data sovereignty in the cloud, a solution HyTrust calls BoundaryControl. It is enabled by the combination of two products, DataControl and CloudControl, in combination with Intel TXT all running in IBM SoftLayer. With BoundaryControl you can grant a virtual machine the ability to run on a particular physical server, or prevent it from running on anything but a particular physical server. This makes it easier to keep the US data segregated from the EU data and incidentally also makes it a lot harder for someone to walk off with a virtual machine and spin it up later on different hardware. You can read more about HyTrust BoundaryControl here.
Another place HyTrust plays a fundamental role is compliance automation. While some things have gotten easier with the growth and adoption of the cloud, regulatory compliance is not one of them. However, that need not be the case as it is possible to include compliance automation features in your SDDCaaS offering and one of the ways you can do that is with HyTrust. When you do that suddenly PCI-DSS, HIPAA, CJIS, FISMA and other regulatory standards and frameworks become a lot easier to live with because various aspects of compliance and hardening are now automated and built-into the cloud infrastructure.
Much like Forrester Research’s John Kindervag’s Zero Trust approach, we believe that the perimeter is dead and that security and policy need to be considered on a per-workload basis to really operate in this new cloud-driven era. One of the first places we see this happening is with encryption. The cloud presents special challenges to encryption, but with HyTrust DataControl not only is it easy to pursue encryption in the cloud, but you can keep and manage your own encryption keys. With keys securely in your control, nobody sees your data without your approval. You can also securely decommission workloads at the end of life. While others may be able to do encryption, one thing they are not going to be able to do is Zero Downtime Encryption, a matter of particular concern as the size of workloads starts to exceed the size of maintenance windows but you still need to rekey.
Anyway, hearty congratulations to IBM on what promises to be a very disruptive and well received partnership with VMware. There is no doubt that bridging the enterprise data center and the public cloud is a top of mind concern for many in the industry and there is also no doubt that this announcement will pave the road to faster deployments, more agility, lower barriers to entry and wider adoption. HyTrust is excited to be an essential partner in this game-change with our workload security solutions and excited to help enable secure and complaint clouds.
By the way, for anyone curious about the IBM take on things, here’s their blog post on the topic:
If you are attending VMworld, please be sure to drop by booth #734 to see HyTrust solutions in action, register to win a trip around the world and get your ticket to the HyTrust party on Tuesday from 6-9 PM at the House of Blues!