Cloud
Security
September 1, 2020 By Tim Brantner
Janet Van
Deanna Brown
Dr. Nataraj Nagaratnam
Doc Vaidhyanathan
Shawna Guilianelli
3 min read

A better way to achieve cloud security and compliance goals.

As enterprises move regulated workloads to public cloud, it is essential to prove security and compliance concerns are handled better, faster, and easier than their status quo. At IBM, we recognize the magnitude of these issues for all types of clients moving workloads to public cloud, and we understand the sheer complexity they have to endure to achieve a security or compliance standard. It’s exhausting.  

So, today, we’re excited to introduce the IBM Cloud Security and Compliance Center in collaboration with IBM Research—built directly into the IBM Cloud platform and ready to use. This huge push forward for IBM Cloud delivers on our mission of creating successful cultures of continuous cloud security and compliance by making it easier to setup, manage, monitor, and audit security and compliance related activities. 

This also delivers a key component for our IBM Cloud for Financial Services initiative, allowing our Financial Services clients to deliver security and compliance goals in a better, easier way with IBM Cloud Security and Compliance Center.

What is at stake? 

According to IBM Security’s Cost of a Data Breach Report 2020

  • The average time that it takes to identify and contain a data breach is 280 days.
  • Compromised credentials and cloud misconfigurations were each responsible for 19% of malicious breaches .

In addition, the Boston Consulting Group (BCG) stated that from 2009–2017, there were an estimated $321 billion in penalties paid by banks for not meeting regulations. 

IBM Cloud’s answer: There has to be a better way. 

What is the IBM Cloud Security and Compliance Center?

The Security and Compliance Center is integrated by default into the IBM Cloud platform. With the Security and Compliance Center, users can implement controls to continuously assess their current posture or they can apply rules to enforce configuration standardization across accounts. For more information, see the video “Introducing the Security and Compliance Center“.

Security and compliance posture management

IBM recently acquired the Spanugo ASAP solution and integrated it at lightning speed into the IBM Cloud Security and Compliance Center to deliver hybrid, multicloud security and compliance posture for IBM Cloud customers. 

To begin, create a collector and add credentials to the service. Then, create a scope that defines the set of specific accounts and resources that are scannable. Scopes can be validated by predefined profiles—which contain pre-set regulatory controls and goals—or validated by custom profiles. 

Based on the configuration, the service uses the credentials and collector to scan and validate the resource configurations in the defined scope against a chosen profile. When the validation is complete, all results can be viewed including a calculated security and compliance score in the IBM Cloud Security and Compliance dashboard. If any failures come from the validation, remediation is available to quickly help resolve the failure. And, to prepare for or during an audit, granular reports can be downloaded to provide internal and external auditors exactly what has been requested within seconds.

Configuration governance

By creating config rules, IBM Cloud customers can enforce and/or monitor resource configuration across accounts. Config rules are guardrails for resources on how they are provisioned and configured. 

For example, IBM Cloud administrators can disable public access to resources in production accounts but allow it in testing accounts. Through configuration rule enforcement, you can manage account resources with confidence that the configuration of resources will adhere to the guidelines and significantly decrease the likelihood of a misconfiguration that could lead to a security vulnerability.

How can I get started?

To get started, you can use the Posture Management Quick Start found the in the Security and Compliance UI or start defining configuration rules. Or, to learn more check out “Achieving Continuous Security and Compliance on IBM Cloud for Financial Services.” 

As a reminder, organizations with fully deployed security automation already save an average of $3.58 million compared to those that do not, according to the Cost of a Data Breach Report 2020 by IBM Security. So, what are you waiting for? 

Get started today with the IBM Cloud Security and Compliance Center. 

Feedback

We are excited to offer this ground-breaking capability for our IBM Cloud customers. We’d like to hear from you to learn more about your questions, comments, raves, and concerns. Please share your feedback by using the Feedback button on any page at cloud.ibm.com. We need to know how we are helping you deliver on your own mission of creating successful cultures of continuous cloud security and compliance by making it easier to setup, manage, monitor, and audit security and compliance related activities.  

Thanks for taking the time to read and we look forward to solving future security and compliance problems together. 

Tim Brantner
Product Owner, Security and Compliance Center
Janet Van
Product Manager, Cloud Security and Compliance
Deanna Brown
Distinguished Engineer
Dr. Nataraj Nagaratnam
IBM Fellow, CTO for Cloud Security
Doc Vaidhyanathan
CPO/CTO, Compliance Technology
Shawna Guilianelli
Content Lead and Strategist

More from Cloud
July 2, 2024

New 4th Gen Intel Xeon profiles and dynamic network bandwidth shake up the IBM Cloud Bare Metal Servers for VPC portfolio

3 min read - We’re pleased to announce that 4th Gen Intel® Xeon® processors on IBM Cloud Bare Metal Servers for VPC are available on IBM Cloud. Our customers can now provision Intel’s newest microarchitecture inside their own virtual private cloud and gain access to a host of performance enhancements, including more core-to-memory ratios (21 new server profiles/) and dynamic network bandwidth exclusive to IBM Cloud VPC. For anyone keeping track, that’s 3x as many provisioning options than our current 2nd Gen Intel Xeon…

July 2, 2024

IBM and AWS: Driving the next-gen SAP transformation  

5 min read - SAP is the epicenter of business operations for companies around the world. In fact, 77% of the world’s transactional revenue touches an SAP system, and 92% of the Forbes Global 2000 companies use SAP, according to Frost & Sullivan.   Global challenges related to profitability, supply chains and sustainability are creating economic uncertainty for many companies. Modernizing SAP systems and embracing cloud environments like AWS can provide these companies with a real-time view of their business operations, fueling growth and increasing…

July 2, 2024

Experience unmatched data resilience with IBM Storage Defender and IBM Storage FlashSystem

3 min read - IBM Storage Defender is a purpose-built end-to-end data resilience solution designed to help businesses rapidly restart essential operations in the event of a cyberattack or other unforeseen events. It simplifies and orchestrates business recovery processes by providing a comprehensive view of data resilience and recoverability across primary and  auxiliary storage in a single interface. IBM Storage Defender deploys AI-powered sensors to quickly detect threats and anomalies. Signals from all available sensors are aggregated by IBM Storage Defender, whether they come…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters