IBM has launched the industry's first cloud solution to perform key management across hybrid, multicloud settings, assisting businesses in reducing the risk of cyberattacks and insider threats to important data. The new service, designed for today's hybrid cloud world, allows businesses to take benefit of IBM's cloud security capabilities regardless of where their data lives, including on other clouds and on-premises.
Securing hybrid cloud environments against data breaches
As enterprises modernise, they're increasingly adopting a hybrid, multicloud approach to host workloads where they need to be – in the cloud or on-premises – to reduce risk and demonstrate compliance. Considering the average company is using more than 8-9 cloud environments at any given time, they risk greater exposure to threats from malicious actors that can compromise data. Now is the time to mitigate complexity – especially as cloud environments become a growing target for cybercriminals looking to access and capitalise on sensitive data residing across complex multicloud environments. But reducing complexity is no easy task. The more clouds that businesses use, the more diverse skills their IT teams need to secure and manage the keys that protect their critical enterprise data.
"Protecting critical data across multiple platforms can be incredibly complex -- but all it takes is one weak link to put a company's entire security strategy at risk. That's why we're giving clients one single point of control – allowing them to know who has access to their critical data at all times – even on other clouds," said Hillery Hunter, General Manager, Industry Clouds & Solutions, CTO, IBM Cloud. "Trust and choice have always been at the heart of our work with clients. Now as businesses modernise, we're making it easier for them to manage their encryption keys and protect data across any environment they choose."
Enabling data governance to help organisations demonstrate their compliance
According to recent global research done by IBM Institute for Business Value (IBV) in collaboration with Oxford Economics, the ability to operate governance and compliance tools across various cloud estates is significant or extremely important to 80% of C-Suite respondents. Organisations might suffer from operational complexity or non-compliance if they don't have a comprehensive view of their data security posture, especially with crypto keys that safeguard sensitive data scattered across numerous platforms. Businesses can demonstrate compliance with increased ease and speed in near real-time with a single, secure, cloud-based view of who has access to sensitive data.
"IBM has chosen a rather unique approach to zero trust security architectures, focusing on addressing real customer driven use cases rather than simply offering yet another product. Similarly, this new service demonstrates IBM's commitment to solving a critical pain point made increasingly difficult by COVID accelerated digital transformation initiatives, protecting critical data. By making it possible to securely manage encryption keys with a single point of control – including across other public clouds – IBM is proving that what it cares most about is clients and what truly keeps them up at night, not where their data is stored. Unified Key Orchestrator also eases the management burden which is aggravated by the security talent shortage by making it possible for businesses to demonstrate compliance across multiple cloud platforms – which can be incredibly complex – faster and easier," said Frank Dickson, VP of Security & Trust at IDC.
IBM is the only cloud service provider offering a consistent view of encryption keys across numerous cloud environments, allowing organisations to show compliance and increase security. Unified Key Orchestrator, which is available on IBM Cloud, takes advantage of IBM's encryption capabilities, hybrid cloud experience, and automation to provide clients with a clear understanding of their data security posture. Organisations can maintain complete visibility and control over who has access to their sensitive data while operating workloads across hybrid cloud environments and in locations where data sovereignty is required. At the same time, companies no longer need to rely on security experts with specialised knowledge of each individual cloud and can spend more time and resources driving innovation for their clients.
