Protecting data from unauthorized access and streamlining compliance operations is vital to ensure the integrity of your business and to maintain customer trust. Guaranteeing data has not been compromised or undergone unsanctioned processing, and delivering continuous compliance audit readiness, can only be achieved with the correct technology and a trusted cloud provider. By working with industry leading security and compliance technology partners, and utilizing proprietary solutions, IBM has done the hard work for you to help ensure your business always stays protected in the cloud.
Currently, IBM, VMware, Intel and HyTrust offer the industry first and differentiated IBM Cloud Secure Virtualization (ICSV) solution. The automation-deployed solution leverages Intel’s hardware-enforced security technology and HyTrust workload protection controls for enforcement of data processing geolocation and governance of administrative actions. For example, this innovative data protection technology ensures decryption occurs only at trusted geolocations on authorized servers, providing confidence that your workloads always boot up on uncompromised and trusted hardware/software.
Building on these capabilities, IBM is excited to announce that it has helped to drive collaboration and development across its Partner ecosystem to deliver further HyTrust integration with Caveonix and the Fortinet Security Fabric, in a new validated design for a secure and compliant hybrid cloud. Fortinet FortiGate VM with a unified threat mitigation model to ensure secure connectivity across your hybrid environment, Caveonix RiskForesight provides the central integration point to continuously detect, predict and act on full-stack visibility into your hybrid cloud infrastructure, platforms, applications and workloads to ensure compliance. IBM and its Partners are confident this solution approach will allow your business to tackle the toughest risk mitigation and compliance readiness use cases.
Not stopping there, IBM and HyTrust are working to integrate HyTrust DataControl with IBM Cloud Hyper Protect Crypto Services, a single-tenant key management service built on the industry’s first and only FIPS 140-2 Level 4 certified Hardware Security Module (HSM)2 available in the public cloud. The solution will allow your organization the utmost flexibility for extending encryption operations to the cloud in a hybrid model. The integration between these technologies allows you to maintain complete control over encryption keys, including the master keys, and employ the highest level of industry certified protection over your data. An early access version of this solution is targeted for September 2019.
Some key benefits include:
- IBM Cloud admins never have access to customer keys
- The client is the only one to have full control of the encryption keys and entire key hierarchy including the HSM Master Key
- Built-in protection against privileged access threats reduces the risk of data compromise
- Data encryption and controls on privileged access reduce regulatory compliance risk
Losses due to fraud and data breaches cost organizations billions of dollars per year, so the ability to prevent unauthorized access of data, reduce operational risks, and continuously ensure compliance audit readiness is a unique benefit of running your VMware workloads on IBM Cloud.