-
IBM announces new capabilities for its Cloud Security and Compliance Center platform, which helps enterprises secure and protect sensitive data across hybrid multi-cloud environments.
-
The platform introduces the Data Security Broker, developed with Baffle, which provides encryption and anonymization technology for data in applications and AI workloads.
-
The platform enhances cloud security posture management, cloud workload protection, infrastructure entitlement management, and compliance automation with intelligent automation and deployable architectures.
In a move aimed at bolstering data security across hybrid and multi-cloud environments, IBM has unveiled a suite of new features for its Cloud Security and Compliance Center platform. The updated offering delivers advanced security and compliance capabilities. These aim to tackle the organizations' complex challenges as they increasingly embrace hybrid cloud strategies.
One of the standout additions is the IBM Cloud Security and Compliance Center Data Security Broker, a product developed in collaboration with Baffle. This innovative tool employs a multi-layered approach, incorporating encryption and anonymization technologies to safeguard sensitive data in business applications and artificial intelligence workloads.
Beyond this, the platform enhancements encompass improved cloud security posture management (CSPM), cloud workload protection, infrastructure entitlement management, and compliance automation.
Significantly, these updates extend beyond the confines of IBM Cloud, embracing a broader multi-cloud and hybrid cloud landscape.
Nataraj Nagaratnam, IBM Fellow and CTO for cloud security, said that the platform supports several cloud environments, including AWS, Azure, Google Cloud, IBM LinuxOne servers, and soon IBM Power.
He stated that the platform update adds data protection to its current infrastructure and workload protection capabilities by using Baffle's technology to provide application-level tokenization and granular encryption of sensitive fields in databases.
He commented that disk- or file-level encryption left a protection and flexibility gap at the application level. The Data Security Broker protects application-sensitive data stored in databases like PostgreSQL without requiring code changes.
He highlighted that the platform is designed for clients in any industry, but especially for clients in regulated industries like financial services, telcos, and health care, which have stringent requirements for security and compliance as well as data sovereignty laws.
He elaborated that the new Data Security Broker offering addresses the evolving data privacy requirements around protecting personally identifiable information (PII) and the complexities of hybrid, multi-cloud environments.
Finally, he explained that the platform also adds new automation capabilities, such as deployable architectures prebuilt with security and compliance controls and intelligent automation technology integrating security and compliance throughout the development lifecycle.
The recent update augments IBM's infrastructure and workload protection capabilities by introducing data protection. This entails the introduction of a transparent layer of data encryption featuring format-preserving encryption and anonymization technologies to safeguard sensitive data.
This expansion in data protection is instrumental in ensuring compliance, especially for clients operating in regulated industries like finance, telecommunications, and healthcare. These sectors often contend with stringent security and compliance requirements and intricate data sovereignty regulations on both national and international levels.
As part of the IBM Cloud Security and Compliance Center updates, the company is also introducing new automation capabilities. These include ‘deployable architectures,’ prebuilt with security and compliance controls that customers can readily deploy to meet specific security requirements.
Moreover, organizations can implement policies to ensure compliance checks before deploying workloads to production, facilitating a shift-left approach to security and compliance throughout the development lifecycle.
This data security broker may face some challenges, such as compatibility issues with different cloud platforms and applications, performance degradation due to encryption and anonymization, training and configuration needs for data protection and compliance, and vulnerability to data breaches or attacks if the data or keys are compromised. However, it aims to enhance data security and compliance across hybrid and multi-cloud environments.
IBM's intelligent automation technology is set to play a central role in integrating security and compliance seamlessly into the development process, ultimately enhancing data protection across diverse cloud environments.