Businesses find Cloud solutions as the most viable option in their pursuit of flexible and scalableinfrastructure while facing fierce competition. Various migration strategies and tools support Cloud adoption processes. The only alarming trend is that news about security and data breaches over Cloud are continually making the headlines. The stakes are even higher when the data breach is related to either an industry giant or millions and billions of people are involved.
Over the last few years, Cloud-related breaches have increased, with more and more high-profile organizations finding their names among the victims. As the reliance on data grows in the era of hybrid Cloud, the necessity of data privacy becomes even more critical for everyone.
IBM’s way of battling security concerns
For over a decade, IBM has been investing heavily in confidential technologies, and now they are working on the fourth generation of the said technology. IBM first announced the general availability of Confidential cloud computing capabilities in 2018, and since then they are providing end-to-end Confidential Computing for their clients.
IBM’s confidential computing is a foolproof solution that offers protection across the entirety of Cloud infrastructure. It covers everything from the build process and key management to data services security because laxity on any of these layers can leave the Cloud infrastructure exposed to threats. As per IBM, data protection is only as strong as the weakest link in end-to-end defense – meaning that data protection should be holistic. Organizations of all sizes need a dynamic and evolving approach to focus security on protecting data over a long period.
Currently, IBM’s security platform is used heavily by industries like healthcare and banking, with high profile names like Bank of Americaand Daimler being the primary users of confidential cloud computing capabilities.
Thoughts on IBM Confidential Computing
Rohit Badlaney, vice president of IBM Z Hybrid Cloud, said it is the only public Cloud with “production-ready confidential computing capabilities able to protect data, applications, and processes.” He explained that data security generally revolves around protecting data at rest, transit, and use.
Badlaney said, “We’ve had tremendous success over the last four to five years in generalizing and commercializing the confidential computing technology into an entire family of cloud services.” He added, “Our point of view on confidential computing is that the trusted execution environment is interesting but you want to surround it with a set of services that also leverage the same kind of underlying hardware and software innovation in confidential computing.”
“So we’ve built out this whole family especially for markets like financial services that have been nervous about moving anything into the public Cloud. In order to deliver confidential computing, we believe a technology provider must provide protection across the entirety of the compute lifecycle–which includes everything from the build process and key management to the security of data services. Failure to fully protect any of these layers can leave a client’s business process exposed.”
IBM has not expanded confidential computing into the entire IBM Cloud but plans to by the middle of next year. Badlaney said it will “become pretty core to our enterprise-grade value proposition that underpins our industry cloud push.”
Confidential Computing Solutions for different industries
Daimler, the parent organization behind German luxury automotive giant Mercedez-Benz and Maybach, required confidential computing for the workload that was moved to the Public Cloud.
IBM confidential computing suite for Daimler locked down their data tier and enclosed it with executing modules. This key protecting technology provided data access only to the Daimler team.
IBM also partnered with Apple Inc to create a tool kit for healthcare data known as CareKit. This project is entirely focused on healthcare, so the data require protection in different ways. The work by IBM and Apple ensured that providers can synchronize their confidential data to public Cloud.
In collaboration with Bank of America, IBM designed the world’s first financial services ready Cloud. Since then, Bank of America can host critical applications and workloads related to its 66 million banking customers. IBM Cloud for Bank of America enables it to use public Cloud without compromising on data security, resiliency, privacy, and customer information safety needs.
In the last few years, other public cloud providers have also turned to confidential computing, this includes public Cloud giants like Microsoft and Google.
In July 2020, Google officially announced that it had started a beta version of confidential virtual machines as some of its initial products in the confidential computing portfolio.
Microsoft also has some offerings in a similar category. Its confidential computing works on 4 principles that are:
- Mitigating all data breach threats.
- The customer fully controls the data, regardless of whether it is during rest, transit, or use.
- Codes that are running over cloud should be protected and verifiable by the user.
- Data and code should be enigmatic to the cloud platform.
More about Microsoft Confidential Computing.
Last year, industry leaders like Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent built the Confidential Computing Consortium, a dedicated new industry group to accelerate the adoption of confidential computing.
“As we look ahead to the next era of computing, there are lots of predictions and assumptions on what the next great innovation will be–but one thing is indisputable: Data and securing that data is and will remain an incredibly important asset to companies and consumers. As our reliance on data grows in the era of hybrid Cloud, the need for data privacy becomes even more critical for everyone–and for businesses, an imperative,” Badlaney said.
“As part of this, we need to actively invest and innovate in areas that we believe will better prepare us for the future, and better help our clients to protect their highly sensitive data.”
Source: IBM Blog Post