We’re taking another step forward in our mission to help you achieve continuous security and compliance as you build and develop on IBM Cloud by announcing the GA of IBM Cloud Secrets Manager.

As a security admin, your teams are often creating API keys and digital credentials of different types as they build on and interact with systems that require them. You’re looking for solutions that will help you to adhere to strict guidelines for running sensitive workloads in the public cloud. But, as your teams move data to the cloud, you’re not comfortable with storing highly sensitive application secrets in a multi-tenant environment. While it may be fine for certain workloads, an environment that isn’t dedicated won’t help your business meet the data isolation requirements that are required for regulatory compliance.

According to the Cost Of Data Breach Report 2020 by IBM Security, compromised credentials are responsible for 19% of all data breaches over the past year. Getting a full view of your secrets and who or what is accessing them is a major step to avoid becoming another statistic. And, by storing your secrets and highly sensitive data in your own isolated environment, you can rest easy that it won’t happen to you.

What’s new in this release?

As part of this launch, the service is now available in our Dallas, Frankfurt, and Sydney data centers with high availability and performance. We’re also excited to announce the service–to–service integration between Secrets Manager and the catalog management service. Whether you’re configuring an instance of a service in the catalog for your team or deploying a new instance of CI/CD as part of your DevOps pipeline, you’ll be able to create and retrieve the secured Cloud API keys you need in context from your Secrets Manager instance. 

To help secure your IBM Cloud developer operations, each account is allowed one Lite instance for free without any secret capacity limits for a limited time. Time to build secure applications and explore how you can improve your data security story without rails. When pricing plans are released, we’ll let you know so that you can start planning the next phase of your team’s Secrets Manager-powered story. Stay tuned!

Ready to get started?

To start managing your secrets, you can provision an instance of Secrets Manager in the IBM Cloud console. Because a dedicated instance of the service is provisioned, it can take a few minutes. While you wait, you can continue to work elsewhere in IBM Cloud or you might consider learning more about the best practices for organizing secrets and assigning access.

Need help storing your first secrets? Walk through the Getting started tutorial.

Want to learn more about secrets management in general? Check out the following video.

How do you know Secrets Manager is right for you?

If you’re looking to integrate general purpose secrets — such as IAM credentials or arbitrary secrets — to authenticate your apps, you can use Secrets Manager to create single-use secrets and manage their lifecycle. Secrets Manager is also built on a single-tenant architecture that provides you a high level of security and control when it comes to data isolation.

However, with the breadth of services on the IBM Cloud, you can choose from several offerings to help protect your sensitive data. Check out the following image to see which services can help you to manage secrets in IBM Cloud or see the Secrets Manager docs to learn more:

Feedback

In order to ensure that we are helping you to deliver on your own mission, we’d like to hear from you with any feedback that you might have. To share your questions, comments, raves, or concerns with us, use the Feedback button that can be found on any page of cloud.ibm.com.