New IBM Cloud Hybrid Architecture Designed for Your Security and Compliance-Readiness Needs 


By: Dale Hoffman, Rohit Badlaney, Kaus Phaltankar, Mike Turner, Lior Cohen, and Andrew Guerra

We're excited to announce a new IBM Cloud hybrid architecture.

For enterprises, we have seen that protecting data from unauthorized access and streamlining compliance operations are important to ensure the integrity of the business and to maintain customer trust. As businesses work to ensure data has not been compromised or undergone unsanctioned processing, and to deliver continuous monitoring for compliance audit readiness, we find that they need the correct technology and a trustworthy cloud provider. By working with our security and compliance technology partners, IBM is helping your business stay protected in the cloud.

The IBM Cloud Secure Virtualization (ICSV) solution

Currently, IBM Cloud, VMware, Intel, and HyTrust offer the IBM Cloud Secure Virtualization (ICSV) solution. The automation-deployed solution leverages Intel’s hardware-enforced security technology and HyTrust workload protection controls for enforcement of data processing geolocation and governance of administrative actions. For example, this innovative data protection technology is designed to help you confirm decryption occurs only at verified geolocations on authorized servers, providing confidence that your workloads boot up on uncompromised and trusted hardware/software.

Announcing a new IBM Cloud hybrid architecture

Building on these capabilities, IBM is excited to announce that it has helped to drive collaboration and development across its Partner ecosystem to deliver further HyTrust integration with Caveonix and the Fortinet Security Fabric in a new validated design for a hybrid cloud that supports your security and your compliance-readiness needs.

Fortinet FortiGate VM provides a consistent security layer designed to protect your IBM Cloud and on-premise workloads with a unified threat mitigation model to provide secured connectivity across your hybrid environment. Caveonix RiskForesight provides the central integration point designed to continuously detect, predict, and act with full-stack visibility into your hybrid cloud infrastructure, platforms, applications, and workloads to help you manage your compliance needs. IBM and its Partners are confident this solution approach will help your business to tackle the toughest risk mitigation and compliance readiness use cases.

HyTrust DataControl and IBM Cloud Hyper Protect Crypto Services

Not stopping there, IBM and HyTrust are working to integrate HyTrust DataControl with IBM Cloud Hyper Protect Crypto Services, a single-tenant key management service built on the industry’s first and only FIPS 140-2 Level 4 certified Hardware Security Module (HSM) available in the public cloud.* The solution is designed to allow your organization flexibility for extending encryption operations to the cloud in a hybrid model. The integration between these technologies is designed to help you maintain control over encryption keys, including the master keys, and employ the high level of industry-certified protection over your data. An early access version of this solution is targeted for September 2019.

The solution is designed to provide key benefits, including the following: 

  • IBM Cloud admins never have access to customer keys.
  • The client is the only one to have full control of the encryption keys and entire key hierarchy, including the HSM Master Key.
  • Built-in protection against privileged access threats designed to reduce the risk of data compromise.
  • Data encryption and controls on privileged access intended to reduce your regulatory compliance risk.

Losses due to fraud and data breaches cost organizations millions of dollars per year.** The ability to help address unauthorized access of data and operational risks and assist you with your compliance audit readiness is a key benefit of running your VMware workloads on IBM Cloud.

Come see us at VMworld 2019

Learn more at VMworld 2019 in San Francisco and be sure to stay tuned to our blog for the latest updates.

*The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government computer security standard used to approve cryptographic modules. It is issued by the National Institute of Standards and Technology (NIST). Level 4 is the highest level of security.

**IBM Security: Cost of a Data Breach Report 2019
