“Technology should support people doing their jobs,” says Thomas Taroni, CTO at Swiss cloud services provider Phoenix Systems. “It’s easy to lose sight of that and chase innovation for the sake of innovation. At the end of the day—if you’re not making someone’s life easier, then what’s the point?”
While Phoenix Systems bills itself as an uncomplicated partner to its clients, it isn’t afraid of taking on complex technological concepts. The company has carved a niche for itself: translating leading-edge technology into practical solutions that deliver both value and convenience.
“At Phoenix Systems, our goal is to stay one step ahead of our clients: identifying emerging concerns and developing solutions that address them,” explains Taroni. “While data security is not a new concern, we’ve seen it climb the priority list for companies in every industry. It seems like there’s news of a new data breach every few days, so organizations are investing in new measures to protect themselves and their customers. There are also new players in the digital asset space whose entire business models depend on finding technology that cannot be compromised.”
Supports a zero-trust security strategy
Cut data center floorspace by 8x decreasing energy consumption and maintenance
Taroni and his colleagues recognized a fundamental disconnect between high-security solutions in the marketplace and the needs of many of its clients. Existing offerings were often difficult to manage, maintain and integrate into everyday operations. Phoenix Systems sprang into action to bridge the gap.
“Our goal is to flatten the learning curve for clients as much as possible by providing fully automated cloud security solutions,” comments Taroni. “To deliver a truly seamless user experience to our clients, we needed the right infrastructure behind the scenes.”
As an avid technology enthusiast, Taroni is always on the lookout for exciting innovations. When he heard in 2017 that there was an enterprise server from IBM that could natively support Docker containers, his interest was piqued.
“To me, containerization represented a step change in simplifying IT resource management,” says Taroni. “The idea of combining containerization with the power of IBM Z … I had to know more.”
That made IBM® LinuxONE technology the natural choice to support Phoenix Systems’ new high-security cloud services offering. The company decided to employ IBM Hyper Protect Virtual Servers running on Ubuntu Linux. Taroni reflects, “I’ve been an Ubuntu user my whole life, so the overall package of Ubuntu plus LinuxONE was the right one for Phoenix Systems. I prefer the way you manage users, install and update packages, and so on within Ubuntu.”
By taking advantage of confidential computing technology from IBM, the company provides clients with a Trusted Execution Environment, which cannot be accessed by unauthorized users or even by Phoenix Systems administrators themselves. Application and database data is encrypted end to end, both in use and at rest, so that clients benefit from a high level of security.
“Unparalleled security is built into every layer of our IBM and Ubuntu stack,” explains Taroni. “Rather than assuring companies that their data is protected through policies, we can prove that it simply isn’t possible for us to access it. Clients have total control over their own environment—they get their own smart card and cryptographic keys.”
From end to end, the new platform provides advanced security, from the cryptographic co-processors in the IBM LinuxONE server, to the Ubuntu Linux kernel and operating system, to the support for confidential computing with Secure Execution and Secure Boot.
Even though client environments are completely isolated on Phoenix Systems’ new platform, they are straightforward to manage. The company has fully automated the onboarding and customization processes.
“Using IBM technology, we have created a platform that allows us to manage super-secure containers in the same way as other containers,” says Taroni. “It’s easy for clients to get started and keep going with Phoenix Systems. They can access everything through a web page. Payments are transparent and making changes such as switching to a data center in an extra-security region can be completed with a few clicks of a mouse.”
Today, Phoenix Systems is seeing companies from many industries take up its new high-security, high-convenience cloud services. For organizations operating in regulated sectors, working with Phoenix Systems provides the flexibility and efficiency benefits of public cloud solutions, while also facilitating compliance with strict data governance and security directives.
“Until now, banks have stuck to dedicated hardware since that was the only way they could guarantee data security,” says Taroni. “Using IBM technology, we’re offering a real alternative that’s within the same price range as public cloud. Similarly, companies getting into the digital asset space can make use of a platform that’s ready-made for protecting their wallets.”
For example, Swissdox (link resides outside of ibm.com) hosts an online media database for 220,000 Swiss students and citizens on the Phoenix Systems platform. Each year, the organization adds 1.7 million documents to the archive. With help from Phoenix Systems, Swissdox developed a powerful context-based search engine, so that users can quickly find what they are looking for.
“Swissdox updates their archive with every newspaper in Switzerland on an ongoing basis,” comments Taroni. “Two years ago, it took two and a half weeks to reindex their database. On IBM LinuxONE, it takes just 12 hours.”
A cold-chain logistics company also opted to work with Phoenix Systems. The organization offers specialized containers for pharmaceuticals. Phoenix Systems helped the company develop an Internet of Things (IoT) solution capable of receiving thousands of data points each day.
“Our new confidential computing capabilities, enabled by IBM and Ubuntu, help us ensure that data is protected from both external attack and bad actors within an organization,” says Taroni. “We can provide an exceptionally high level of security at competitive fees for even extremely large data sets.”
Phoenix Systems can keep prices low, while keeping efficiency high. The easy management and low power consumption of IBM LinuxONE technology is a key contributing factor to the company’s lean operations.
Taroni explains, “We went from reserving an entire floor of a data center to requiring just a few racks, and still gaining much greater capacity. Moreover, the size of our team has remained constant even though we’re supporting more clients. Already, the systems running on our platform touch thousands of people’s lives. We’re excited to see how much more we can help change the world with IBM behind us.”
Phoenix Systems (link resides outside of ibm.com) is a software and infrastructure services provider in Switzerland that prides itself on building the systems of tomorrow. From big data to blockchain, IoT to automation, the company specializes in innovative services that are both efficient and security-rich. Phoenix Systems operates its own banking-grade data center in Zürich, Switzerland.
To learn more about the IBM solutions featured in this story, please contact your IBM representative or IBM Business Partner.
© Copyright IBM Corporation 2021. IBM Corporation, IBM Systems, New Orchard Road, Armonk, NY 10504
Produced in the United States of America, July 2021.
IBM, the IBM logo, ibm.com, IBM Z are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at ibm.com/trademark.
The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.