With IBM Cloud® Secrets Manager, you can create secrets dynamically and lease them to applications while you control access from a single location. Powered by HashiCorp Vault, Secrets Manager helps you get the data isolation of a dedicated environment with the benefits of a public cloud.
Built-in, essential security across all IBM Cloud platform and infrastructure services.
Single-tenant data isolation via Vault
Monitor access and produce audit reports
Enhance the security of stored secrets with IBM® Key Protect
Create and manage trusted certificates securely using built-in protection
Manage access policies at enterprise scale
Configure with Event Notifications Service to receive secrets life-cycle events
Create locks on secrets to prevent them from being deleted or modified while in use
A customizable set of parameters that define how a secret interacts with a credentials` provider—powered by a Code Engine job implementation
The shift to cloud-native models aims to boost development speed for application teams. They expect this acceleration without compromising security and rely on their cloud provider to offer solutions that support both.
Solution: Secrets Manager integrates with DevOps tools like IBM Cloud Toolchains to provide security where teams manage secrets. Its secrets group feature and activity tracker ensure proper access control.
Solution: Financial and healthcare institutions with sensitive data, like credit histories or EHR records, have low risk tolerance. They worry about storing access credentials in a vulnerable multi-tenant environment on IBM Cloud. With Secrets Manager, they can use HashiCorp Vault for single-tenant isolation, audit access with Activity Tracker, and protect vault access with their own encryption keys via Key Protect (BYOK).
A healthcare group needs to securely manage various secrets in a single-tenant environment. They currently use multiple tools, some of which are multi-tenant, for handling API keys, user credentials, text, and certificates. They lack the time to train teams, switch between applications, and compile audit reports from different sources. They need a streamlined solution for multiple teams and a high volume of instances.
Solution: With Secrets Manager, they can securely manage API keys, user credentials, and text in one centralized service. This allows them to benefit from public cloud while maintaining single tenancy and efficiently administering policies and permissions across the company.
Solution: With Secrets Manager, they can generate IAM API keys, set access policies, and securely embed the API for key retrieval in their app.