IBM added features around data protection for workloads and AI data repositories to its Cloud Security and Compliance Center.
IBM’s suite of cloud security and posture management services under its IBM Cloud Security and Compliance Center is getting a host of new features aimed at risk mitigation and data protection for organizations with complex arrangements of public and private clouds.
Among the additions is the IBM Cloud Security and Compliance Center Data Security Broker, which the company developed in collaboration with data security firm Baffle. IBM characterized the Broker as offering centralized data encryption for data used in business applications and artificial intelligence workloads.
Jump to:
Multicloud’s digital coastline means more harbors to monitor
Nataraj Nagaratnam, cloud security CTO at IBM, said visibility around hybrid and multicloud deployments was especially important because organizations needed to demonstrate that they could consistently monitor activity, “not only from a threat perspective, but from an integration and posture management perspective.”
Nagaratnam said: “Traditionally, teams have focused on threat and security operations centers, but configuration and posture management is an integral part of mitigating threats.”
SEE: What is Cloud Security? (TechRepublic)
IBM’s own research found that 77% of global business leaders have adopted a hybrid cloud approach. Yet more than half of respondents to IBM’s survey said they were still concerned about security and felt that compliance in the cloud was too difficult to maintain.
Broker feature designed to add data security across clouds
Ameesh Divatia, CEO of Baffle, characterized the IBM Cloud Security and Compliance Center Data Security Broker as a year-long effort to produce a streamlined data protection solution for IBM customers.
“Enterprises are facing unprecedented complexity with distributed multi- and hybrid-cloud footprints and rapidly changing privacy regulations,” Divatia said.
“Companies need more control over their data to operate with greater agility, to scale and to comply with myriad industry and legislative compliance requirements. [Our] innovative data-centric approach to security made our technology ideally suited to be the core for IBM’s Data Security Broker product.”
SEE: At Black Hat, Splunk, AWS, IBM Security and Others Launch Open Source Cybersecurity Framework (TechRepublic)
The Broker feature includes data access management and auditing “across different data sources with non-intrusive and ready out-of-the-box integration — and without any application changes or coding needed,” according to IBM.
Quick growth of hybrid and multicloud for enterprises
A growing number of organizations are using multiple cloud service providers and/or combinations of private and public clouds. These complex arrangements create manifold security risks because of potential data loss and less visibility of more complicated threat surfaces, including application programming interfaces, unauthorized access and noncompliance.
“The expansion of the IBM Cloud Security and Compliance Center demonstrates our continued focus on industry-specific capabilities that help address real world business challenges for our clients,” said Rohit Badlaney, general manager for the IBM Cloud Product and Industry Platform, in a statement.
A February 2023 report from Google noted that the majority of organizations are deploying applications in two or more on-premises data centers, two or more colocation providers, three or more infrastructure-as-a-service providers, and three or more platform-as-a-service providers.
In addition, 87% of organizations said their application environments would become distributed across multiple locations over the next two years, and nearly the same percentage said they regularly migrated applications and/or data from on-premises locations to the public cloud.
Dashboard for monitoring across clouds one of several new features
IBM said the additions to its Cloud Security and Compliance Center include a central dashboard for monitoring security and compliance across its hybrid and public cloud environments.
The expanded IBM Cloud Security and Compliance Center will also include capabilities to support clients in financial and other highly regulated industries, including:
- Enhanced cloud posture management, workload protection and infrastructure entitlement management.
- Machine learning-based workload protection capabilities and automation for developers.
- Visibility into third- and fourth-party risks so organizations can understand supply chain threats.
- Automation of implementation and management of compliance controls.