SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
IBM launches service to help orgs secure hybrid cloud
Tue, 29th Mar 2022
FYI, this story is more than a year old

IBM has launched a cloud service designed to perform key management across hybrid, multicloud environments, helping enterprises mitigate risk to critical data from cyber attacks and insider threats.

Built for today's hybrid cloud world, the new service is designed to enable businesses to take advantage of IBM's cloud security capabilities no matter where their data resides, including on other clouds and on-premises.

Available on IBM Cloud, Unified Key Orchestrator leverages IBM's encryption capabilities, hybrid cloud expertise and automation and is designed to give clients an understanding of their data security posture.

With the service, organisations maintain full visibility and control over who has access to their critical data, while running workloads across hybrid cloud environments and in the location where it needs to ensure data sovereignty.

At the same time, companies no longer need to rely on security experts with specialised knowledge of each individual cloud and can spend more time and resources driving innovation for their clients, the company states.

As enterprises modernise, they're increasingly adopting a hybrid, multicloud approach to host workloads where they need to be, in the cloud or on-premises, to reduce risk and demonstrate compliance, IBM states.

Considering the average company is using more than 8-9 cloud environments at any given time, they risk greater exposure to threats from malicious actors that can compromise data.

Now is the time to mitigate complexity, especially as cloud environments become a growing target for cyber criminals looking to access and capitalise on sensitive data residing across complex multicloud environments, IBM states.

However, reducing complexity is no easy task. The more clouds that businesses use, the more diverse skills their IT teams need to secure and manage the keys that protect their critical enterprise data.

IBM Cloud general manager industry clouds and solutions CTO Hillery Hunter says, "Protecting critical data across multiple platforms can be incredibly complex - but all it takes is one weak link to put a company's entire security strategy at risk.

"That's why we're giving clients one single point of control - allowing them to know who has access to their critical data at all times - even on other clouds. Trust and choice have always been at the heart of our work with clients.

"Now as businesses modernise, we're making it easier for them to manage their encryption keys and protect data across any environment they choose."

According to a recent global study conducted by IBM Institute for Business Value (IBV) in cooperation with Oxford Economics, 80% of C-Suite respondents said the ability to have governance and compliance tools run across multiple cloud estates is important or extremely important.

Especially with crypto keys that safeguard critical data distributed across many platforms, organisations can suffer from operational complexity, or non-compliance, if they don't have a holistic view of their data security posture.

With a single, secured and cloud-based view of who has access to critical data, businesses can demonstrate their compliance with greater ease and speed in near real-time, the company states.

IDC VP of security and trust Frank Dickson comments, "IBM has chosen a rather unique approach to zero trust security architectures, focusing on addressing real customer driven use cases rather than simply offering yet another product.

"Similarly, this new service demonstrates IBM's commitment to solving a critical pain point made increasingly difficult by COVID-19 accelerated digital transformation initiatives, protecting critical data.

"By making it possible to securely manage encryption keys with a single point of control – including across other public clouds - IBM is proving that what it cares most about is clients and what truly keeps them up at night, not where their data is stored.

"Unified Key Orchestrator also eases the management burden which is aggravated by the security talent shortage by making it possible for businesses to demonstrate compliance across multiple cloud platforms - which can be incredibly complex - faster and easier.