Announcements
Security
December 8, 2018 By Dr. Nataraj Nagaratnam 2 min read

IBM Cloud offers an industry-first data-in-use protection solution for cloud-native applications

Cloud-native applications have been growing rapidly, escalating the development of innovative solutions that enable enterprise digital transformations. A recent Cloud Native Computing Foundation (CNCF) studyindicates that the production usage of cloud-native applications has grown by an average of more than 200 percent in the last year. Among those applications, 73 percent use containers as a core technology in their journey to cloud.

Despite brisk growth, data security concerns continue to constrain cloud-native expansion. According to Ponemon Institute’s 2018 Cloud Data Security Study, the majority of respondents—71 percent—consider conventional security inadequate to protect sensitive data in cloud environments. And nearly half of all organizations surveyed say their organizations demand security measures such as encryption to safeguard cloud computing resources.

Founded on the principle that the cloud offers a unique opportunity to do security right, IBM Cloud now offers an industry-first data-in-use protection solution for cloud-native applications. These new capabilities are poised to allow a new set of data-centric applications to move to the cloud, enabling enterprises to adopt cloud with confidence.

Data-in-use protection for infrastructure

IBM introduced a security technology offering on IBM Cloud infrastructure that provides secure enclaves designed to protect data used in application runtimes. Using Intel Secure Guard Extensions (SGX) technology on cloud servers, application developers can enhance their application code to protect sensitive data within protected areas of execution, called enclaves. This offering paves the way for a proactive approach to cloud security and allows developers to build apps safely with highly agile tools that can bring them to market faster.

Data-in-use protection for containers integrated into IBM Cloud Kubernetes Service

To help developers building containerized applications, IBM recently announced the availability of secure enclave technologies to be used with the IBM Cloud Kubernetes Service. IBM is the first cloud provider to integrate this data-in-use protection technology into Kubernetes services, allowing developers to orchestrate their container apps that already exploit secure enclaves designed to be deployed in SGX servers on IBM Cloud.

Data-in-use protection for apps using IBM Cloud Data Shield

Security skills are hard to come by. It has long been a dream for some developers to be able to protect their applications with hardware-rooted security enclaves without the necessity to learn the nuances of hardware SDKs. Developers want security without having to make any code changes.

This is no longer a dream.

IBM introduces IBM Cloud Data Shield as an experimental capability. Using this offering, developers can build a Python or C/C++ app or one of many pre-canned cloud native technologies—like NGINX or MySQL—and containerize and shield with IBM Data Shield. Such a shielded app can be deployed on IBM Cloud Kubernetes Service, allowing protection of sensitive data in use without code changes!

Protect data-in-use as part of your holistic cloud data protection strategy. Try out these capabilities on IBM Cloud. We look forward to your feedback and to learning how you take your apps to the next level of security.

Contact

To request a demo, receive a Slack invite for Data Shield workspace, or ask any questions, please email shield1@us.ibm.com

Dr. Nataraj Nagaratnam
IBM Fellow, CTO for Cloud Security

More from Announcements
July 2, 2024

Success and recognition of IBM offerings in G2 Summer Reports  

2 min read - IBM offerings were featured in over 1,365 unique G2 reports, earning over 230 Leader badges across various categories.   This recognition is important to showcase our leading products and also to provide the unbiased validation our buyers seek. According to the 2024 G2 Software Buyer Behavior Report, “When researching software, buyers are most likely to trust information from people with similar roles and challenges, and they value transparency above other factors.”  With over 90 million visitors each year and hosting more than 2.6…

June 24, 2024

Manage the routing of your observability log and event data 

4 min read - Comprehensive environments include many sources of observable data to be aggregated and then analyzed for infrastructure and app performance management. Connecting and aggregating the data sources to observability tools need to be flexible. Some use cases might require all data to be aggregated into one common location while others have narrowed scope. Optimizing where observability data is processed enables businesses to maximize insights while managing to cost, compliance and data residency objectives.  As announced on 29 March 2024, IBM Cloud® released its next-gen observability…

June 21, 2024

Unify and share data across Netezza and watsonx.data for new generative AI applications

3 min read - In today's data and AI-driven world, organizations are generating vast amounts of data from various sources. The ability to extract value from AI initiatives relies heavily on the availability and quality of an enterprise's underlying data. In order to unlock the full potential of data for AI, organizations must be able to effectively navigate their complex IT landscapes across the hybrid cloud.   At this year’s IBM Think conference in Boston, we announced the new capabilities of IBM watsonx.data, an open…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters