By Horst Hummel Traci Parker 2 min read
February 25, 2020

Now integrated with Bring-Your-Own-Key (BYOK) and Keep-Your-Own-Key (KYOK).

Moving confidential and mission critical data to the cloud presents data confidentiality, security, and reliability concerns. IBM Cloud Hyper Protect DBaaS allows you to provision and manage highly secure database environments for enterprise workloads with highly sensitive data, all without sacrificing performance.

You can choose from PostgreSQL and MongoDB EE enjoy the following:

  • Industry-leading security (tamper-protected)
  • Developer friendly
  • High availability and reliability
  • Industry and compliance certification readiness

What’s new?

IBM Cloud Hyper Protect DBaaS is now integrated with both standard IBM Cloud key management services: IBM Cloud Key Protect (BYOK) and IBM Cloud Hyper Protect Crypto Services (KYOK). Only Hyper Protect Crypto and KYOK gives the customer full control on the keys used to encrypt its data.

IBM Cloud Hyper Protect Crypto Services acts as an extension to IBM Cloud Key Protect’s Bring-Your-Own-Key (BYOK) functionality, adding a powerful concept of Keep-Your-Own-Key (KYOK). With KYOK, you stay in control of your essential secure key infrastructure at any time, while benefiting from a seamless integration into IBM Cloud services.

In the case of suspicious behavior, keys can be erased, keeping the data from being decrypted. Customers can also roll their keys to allow for re-organization of the key owners or removal of access as needed. With IBM Cloud Hyper Protect Services, you fully leverage the proven technology that is co-developed and operated by large enterprises for managing and securing their most sensitive data. 

What is BYOK with Key Protect?

IBM Cloud Key Protect is a multi-tenant Key Management Service (KMS) with key vaulting provided by IBM-controlled FIPS 140-2 Level 3 Hardware Security Modules. With Key Protect, customers bring their keys to the Cloud and manage them, and IBM provides operational assurance that IBM will not access the keys.

What is KYOK with Hyper Protect Crypto Services?

KYOK with Hyper Protect Crypto Services offers two-in-one (i.e., a KMS with built-in Hardware Security Module (HSM)). The offer is a single-tenant Key Management Service with key vaulting provided by customer-controlled FIPS 140-2 Level 4 (the highest available certification) HSMs. With Hyper Protect Crypto Services, customers keep their keys protected by the HSMs they control and manage; the implementation provides technical assurance that IBM cannot access the keys.

Customers looking to safeguard highly sensitive data want to use their own keys for encryption and require complete control of their encryption keys. For these customers, using Hyper Protect DBaaS integrated with Hyper Protect Crypto Services provides exclusive control over the entire key hierarchy, including the master key of the HSM that protects the secrets. The Level-4 certification assures that the HSM is tamper-proof—it can sense any attempt to compromise the HSM via physical, chemical, or environmental changes and immediately respond by auto-erasing the keys stored, which then invalidates the data that the keys protect.

Free trial period available

Available in Dallas, Frankfurt, and Sydney, order Hyper Protect DBaaS Services now, and you can benefit from a free, 30-day trial for Hyper Protect DBaaS for MongoDB or Hyper Protect DBaaS for PostgreSQL

Learn more about IBM Cloud Hyper Protect DBaaS and check out our newest demos on the IBM Demos website.

Categories

Cloud  |  database  |  Security  | 
Horst Hummel
Product Manager, Hyper Protect DBaaS
Traci Parker
GTM Offering Manager, Hyper Protect DBaaS

More from Cloud
September 21, 2023

Kubernetes version 1.28 now available in IBM Cloud Kubernetes Service

2 min read - We are excited to announce the availability of Kubernetes version 1.28 for your clusters that are running in IBM Cloud Kubernetes Service. This is our 23rd release of Kubernetes. With our Kubernetes service, you can easily upgrade your clusters without the need for deep Kubernetes knowledge. When you deploy new clusters, the default Kubernetes version remains 1.27 (soon to be 1.28); you can also choose to immediately deploy version 1.28. Learn more about deploying clusters here. Kubernetes version 1.28 In…

September 20, 2023

Temenos brings innovative payments capabilities to IBM Cloud to help banks transform

3 min read - The payments ecosystem is at an inflection point for transformation, and we believe now is the time for change. As banks look to modernize their payments journeys, Temenos Payments Hub has become the first dedicated payments solution to deliver innovative payments capabilities on the IBM Cloud for Financial Services®—an industry-specific platform designed to accelerate financial institutions' digital transformations with security at the forefront. This is the latest initiative in our long history together helping clients transform. With the Temenos Payments…

September 20, 2023

Foundational models at the edge

7 min read - Foundational models (FMs) are marking the beginning of a new era in machine learning (ML) and artificial intelligence (AI), which is leading to faster development of AI that can be adapted to a wide range of downstream tasks and fine-tuned for an array of applications.  With the increasing importance of processing data where work is being performed, serving AI models at the enterprise edge enables near-real-time predictions, while abiding by data sovereignty and privacy requirements. By combining the IBM watsonx data…

September 18, 2023

The next wave of payments modernization: Minimizing complexity to elevate customer experience

3 min read - The payments ecosystem is at an inflection point for transformation, especially as we see the rise of disruptive digital entrants who are introducing new payment methods, such as cryptocurrency and central bank digital currencies (CDBC). With more choices for customers, capturing share of wallet is becoming more competitive for traditional banks. This is just one of many examples that show how the payments space has evolved. At the same time, we are increasingly seeing regulators more closely monitor the industry’s…