What is IBM Cloud Data Shield?

IBM Cloud™ Data Shield enables users to run containerized applications in a secure enclave on an IBM Cloud Kubernetes Service host, providing data-in-use protection. IBM Cloud Data Shield supports user-level code to allocate private regions of memory, called enclaves, that are protected from processes running at higher privilege levels. It extends Intel Software Guard Extensions (SGX) language support from C and C++ to Python and Java™, while also providing preconverted SGX applications for MySQL, NGINX and Vault. Powered by the Fortanix Runtime Encryption platform and Intel SGX technology, these tools enable organizations with sensitive data to leverage cloud computing with more confidence.

IBM Cloud Data Shield benefits

Facilitates a cloud model

IBM Cloud Data Shield helps enable organizations with sensitive data to deploy and benefit from cloud computing.

Secures containerized apps

IBM Cloud Data Shield can run containerized applications in secure enclaves on the IBM Cloud Kubernetes Service.

Increases visibility

IBM Cloud Data Shield offers better visibility into node security attributes.

Supports DevOps

IBM Cloud Data Shield easily integrates with DevOps pipelines.

Delivers scalability and high availability

IBM Cloud Data Shield uses the IBM Cloud Kubernetes Service to bring scalability and high availability to SGX workloads.

Protect your containers today.


Intel is a registered trademark of Intel Corporation or its subsidiaries in the United States and other countries.