We’ve made it our mission at IBM to ensure that confidential computing is not only available across all regions, but easily consumable.
Today, we’re taking the first step by announcing the general availability of IBM Cloud Data Shield.
Data needs to be protected throughout its lifecycle. One way of protecting data is through encryption. However, today’s data protection narrative is limited to encryption of data in transit (TLS) and encryption of data at rest. IBM Cloud Data Shield, powered by Fortanix, leverages Intel® Software Guard Extensions (SGX) to extend data security by supporting a true Zero Trust Architecture and encrypting data in use.
What is IBM Cloud Data Shield?
IBM Cloud Data Shield is a runtime protection offering that secures data while it is in use for containerized workloads that run on IBM Cloud Kubernetes Service and Red Hat OpenShift. The service is delivered as a Helm chart that you can integrate with your DevOps toolchains to seamlessly convert your existing containers into runtime-encrypted counterparts with a single API call. IBM Cloud Data Shield also makes the attestation process effortless by distributing attestation reports through certificates signed by the Enclave Manager.
Additionally, Data Shield extends Intel SGX support from C and C++ to Python and Java.
How can IBM Cloud Data Shield help me?
There are several exciting use cases for IBM Cloud Data Shield. If you or your company require data sensitivity because of internal policies, government regulations, or industry compliance requirements, this solution might help you to move to the cloud.
The enclave technology might be used for any of the following:
- Applications at runtime
- Cryptographic key management
- Increasing the privacy and security of a blockchain
- Preserving privacy in multi-party computation
- Hardware enhanced content protection
- Edge computing
- Using a digital wallet
Questions and feedback
We’d love to hear your feedback! Check out the following links to get started: