Headlines

IBM’s New Data Security Broker Enhances Multicloud Encryption

IBM's New Data Security Broker Enhances Multicloud Encryptionwordpress,IBM,datasecurity,broker,multicloud,encryption

IBM Introduces Cloud Security Compliance Center Data Security Broker for Multicloud Environments

IBM has unveiled its new Cloud Security Compliance Center Data Security Broker, designed to simplify the encryption of personally identifiable information (PII) in distributed multicloud environments. The upgraded security center offers format-preserving encryption (FPE) capabilities at the database field and file levels, providing comprehensive protection against threat actors, cloud providers, and privileged insiders. This advanced encryption technology has been licensed from Baffle, a leading provider of database encryption solutions.

Simplifying the Encryption Process

One of the main obstacles to migrating from on-premises data stores to multicloud environments has been the need for changes to applications’ code. IBM‘s Cloud Security Compliance Center Data Security Broker eliminates this requirement by providing file and database field security without any modifications to existing applications. According to Nataraj Nagaratnam, an IBM Fellow and CTO of IBM Cloud Security, this mechanism allows for seamless connection to the database based on policy and facilitates encryption, decryption, and tokenization as data moves between the application and the database.

Addressing Compliance Challenges

A recent Harris Poll commissioned by IBM revealed that 77% of IT and business leaders are adopting hybrid cloud technology for digital transformation, but 53% are concerned about compliance challenges arising from increased regulations. The implementation of advanced data encryption is crucial for distributed cloud environments, and several alternatives exist, such as key management systems and hardware security modules from companies like Thales, Entrust, and HashiCorp. However, these often require significant application development or infrastructure changes. IBM‘s Data Security Broker, provided by Baffle, offers a pure software solution that ensures data encryption without any hardware assistance, making it portable and compelling for organizations.

Enhanced Control and Security

The incorporation of Baffle’s data security broker into IBM‘s Cloud Security and Compliance Center empowers customers with greater control over data encryption, including access to encryption keys. By utilizing IBM‘s Bring Your Own Key (BYOK) and Keep Your Own Key (KYOK) capabilities, customers can ensure that their sensitive data remains encrypted at all times and is not accessible to anyone, including IBM administrators. This level of control over keys and data management is unparalleled in the industry and can instill confidence in organizations seeking to protect their valuable data.

Meeting Evolving Compliance Requirements

Compliance with evolving data privacy and sovereignty standards is challenging, particularly for multinational enterprises operating in multiple jurisdictions. Frank Dickson, IDC Group VP for Security and Trust, points out that complying with different legal frameworks across countries can be arduous, leading to inadvertent non-compliance. The expanded IBM Cloud Security and Compliance Center aims to address this issue by providing tools that assist multinationals in meeting regulatory requirements.

Editorial: The Importance of Securely Encrypting PII in Multicloud Environments

The introduction of IBM‘s Cloud Security Compliance Center Data Security Broker marks a significant step in protecting personally identifiable information (PII) in distributed multicloud environments. In today’s interconnected world, where digital transformation initiatives are driving organizations towards hybrid cloud technology, the need to safeguard sensitive data has become paramount. The complexities of complying with various regulations and managing data encryption can be daunting for enterprise security teams and IT leaders.

This new solution, powered by Baffle’s data security broker technology, offers a comprehensive approach to data protection by implementing state-of-the-art encryption techniques such as format-preserving encryption (FPE). By encrypting PII at the database field and file levels, organizations can mitigate risks posed by external threats, cloud providers, and internal actors.

The ability to achieve encryption without requiring changes to applications’ code is a game-changer, eliminating a major barrier to migrating from on-premises data stores to multicloud environments. IBM‘s integration of this technology into the Cloud Security Compliance Center streamlines the encryption process and ensures seamless connectivity to databases.

The data security landscape is constantly evolving, and organizations must stay ahead of the curve to meet compliance requirements. The Cloud Security Compliance Center Data Security Broker from IBM, powered by Baffle, enables organizations to take control of their encryption keys and ensures that sensitive data remains encrypted when in transit or at rest. This level of control is essential for building trust with customers and maintaining compliance in an increasingly regulated environment.

Advice: Embracing Encryption and Strengthening Data Security

As organizations continue to embrace multicloud environments and face the challenges of protecting PII, implementing robust encryption measures becomes crucial. Here are a few recommendations to enhance data security:

1. Evaluate Data Security Solutions

Assess the data security solutions available in the market and choose the one that best aligns with your organization’s needs. Consider factors such as encryption capabilities, ease of implementation, control over encryption keys, and compatibility with existing infrastructure.

2. Leverage Advanced Encryption Techniques

Invest in encryption technologies that go beyond infrastructure layer protection. Implement solutions like format-preserving encryption (FPE) that encrypt data at the database field and file levels. This approach provides an additional layer of security, ensuring the confidentiality and integrity of sensitive data.

3. Prioritize Compliance and Regulatory Requirements

Stay up-to-date with the latest regulations and compliance standards relevant to your industry and geographical location. Understand the data privacy and sovereignty requirements in each jurisdiction where you operate, and tailor your data security practices accordingly.

4. Establish Strong Access Controls

Implement role-based access control mechanisms to manage and restrict access to sensitive data. Grant permissions only to authorized individuals or entities, and regularly review and update access privileges to minimize the risk of data breaches.

5. Educate Employees on Data Security

Train employees on data security best practices and highlight the importance of secure handling and transmission of sensitive information. Foster a culture of data security awareness and provide regular updates on emerging threats and mitigation strategies.

By following these recommendations and leveraging technologies like the Cloud Security Compliance Center Data Security Broker, organizations can enhance their data security posture and protect PII in multicloud environments.

CloudSecurity-wordpress,IBM,datasecurity,broker,multicloud,encryption


IBM
<< photo by ZHENYU LUO >>
The image is for illustrative purposes only and does not depict the actual situation.

You might want to read !