Announcements
Cloud
February 25, 2020 By Horst Hummel 2 min read

Now integrated with Bring-Your-Own-Key (BYOK) and Keep-Your-Own-Key (KYOK).

Moving confidential and mission critical data to the cloud presents data confidentiality, security, and reliability concerns. IBM Cloud Hyper Protect DBaaS allows you to provision and manage highly secure database environments for enterprise workloads with highly sensitive data, all without sacrificing performance.

You can choose from PostgreSQL and MongoDB EE enjoy the following:

  • Industry-leading security (tamper-protected)
  • Developer friendly
  • High availability and reliability
  • Industry and compliance certification readiness

What’s new?

IBM Cloud Hyper Protect DBaaS is now integrated with both standard IBM Cloud key management services: IBM Cloud Key Protect (BYOK) and IBM Cloud Hyper Protect Crypto Services (KYOK). Only Hyper Protect Crypto and KYOK gives the customer full control on the keys used to encrypt its data.

IBM Cloud Hyper Protect Crypto Services acts as an extension to IBM Cloud Key Protect’s Bring-Your-Own-Key (BYOK) functionality, adding a powerful concept of Keep-Your-Own-Key (KYOK). With KYOK, you stay in control of your essential secure key infrastructure at any time, while benefiting from a seamless integration into IBM Cloud services.

In the case of suspicious behavior, keys can be erased, keeping the data from being decrypted. Customers can also roll their keys to allow for re-organization of the key owners or removal of access as needed. With IBM Cloud Hyper Protect Services, you fully leverage the proven technology that is co-developed and operated by large enterprises for managing and securing their most sensitive data. 

What is BYOK with Key Protect?

IBM Cloud Key Protect is a multi-tenant Key Management Service (KMS) with key vaulting provided by IBM-controlled FIPS 140-2 Level 3 Hardware Security Modules. With Key Protect, customers bring their keys to the Cloud and manage them, and IBM provides operational assurance that IBM will not access the keys.

What is KYOK with Hyper Protect Crypto Services?

KYOK with Hyper Protect Crypto Services offers two-in-one (i.e., a KMS with built-in Hardware Security Module (HSM)). The offer is a single-tenant Key Management Service with key vaulting provided by customer-controlled FIPS 140-2 Level 4 (the highest available certification) HSMs. With Hyper Protect Crypto Services, customers keep their keys protected by the HSMs they control and manage; the implementation provides technical assurance that IBM cannot access the keys.

Customers looking to safeguard highly sensitive data want to use their own keys for encryption and require complete control of their encryption keys. For these customers, using Hyper Protect DBaaS integrated with Hyper Protect Crypto Services provides exclusive control over the entire key hierarchy, including the master key of the HSM that protects the secrets. The Level-4 certification assures that the HSM is tamper-proof—it can sense any attempt to compromise the HSM via physical, chemical, or environmental changes and immediately respond by auto-erasing the keys stored, which then invalidates the data that the keys protect.

Free trial period available

Available in Dallas, Frankfurt, and Sydney, order Hyper Protect DBaaS Services now, and you can benefit from a free, 30-day trial for Hyper Protect DBaaS for MongoDB or Hyper Protect DBaaS for PostgreSQL

Learn more about IBM Cloud Hyper Protect DBaaS and check out our newest demos on the IBM Demos website.

Horst Hummel
Product Manager, Hyper Protect DBaaS

More from Announcements
July 2, 2024

Success and recognition of IBM offerings in G2 Summer Reports  

2 min read - IBM offerings were featured in over 1,365 unique G2 reports, earning over 230 Leader badges across various categories.   This recognition is important to showcase our leading products and also to provide the unbiased validation our buyers seek. According to the 2024 G2 Software Buyer Behavior Report, “When researching software, buyers are most likely to trust information from people with similar roles and challenges, and they value transparency above other factors.”  With over 90 million visitors each year and hosting more than 2.6…

June 24, 2024

Manage the routing of your observability log and event data 

4 min read - Comprehensive environments include many sources of observable data to be aggregated and then analyzed for infrastructure and app performance management. Connecting and aggregating the data sources to observability tools need to be flexible. Some use cases might require all data to be aggregated into one common location while others have narrowed scope. Optimizing where observability data is processed enables businesses to maximize insights while managing to cost, compliance and data residency objectives.  As announced on 29 March 2024, IBM Cloud® released its next-gen observability…

June 21, 2024

Unify and share data across Netezza and watsonx.data for new generative AI applications

3 min read - In today's data and AI-driven world, organizations are generating vast amounts of data from various sources. The ability to extract value from AI initiatives relies heavily on the availability and quality of an enterprise's underlying data. In order to unlock the full potential of data for AI, organizations must be able to effectively navigate their complex IT landscapes across the hybrid cloud.   At this year’s IBM Think conference in Boston, we announced the new capabilities of IBM watsonx.data, an open…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters