IBM is looking to give organisations struggling with cloud security planning and management a helping hand, after unveiling a series of new security products and services.
IT managers have a multitude of security and privacy concerns about moving their data to the cloud, said Jason Hilling, portfolio manager for the Managed and Cloud Security Service group at IBM Global Technology Services. These security concerns may deter companies from taking advantage of the performance benefits of cloud computing, he said.
In a 2010 Global IT Risk survey by IBM’s Institute for Business Value, 77 percent of respondents said adopting cloud computing makes protecting privacy more difficult. About half were concerned about potential data breaches, and almost a quarter of the surveyed managers were worried about weak network security, according to the survey.
The study surveyed over 600 IT managers and senior executives across multiple industries and regions, in North America, Europe, Asia-Pacific, the Middle East, Latin American and Africa to understand how enterprises are managing IT risks. While respondents generally were confident about their risk compliance and management efforts, they identified security in the cloud as a big problem area.
Hilling described a two-pronged approach emphasising proper security planning and putting security tools in the cloud instead of dealing with each individual endpoint. The security tools include the rather awkwardly-named IBM Managed Security Services Hosted Security Event and Log Management and the scanning service IBM Managed Security Services Hosted Vulnerability Management.
Hilling also said IBM’s security consulting services help organisations with security planning by creating a roadmap, performing an assessment, and identifying application security needs.
Data security doesn’t mean the same thing to everyone, Hilling said. Service providers and users consider security measures that make sense for their business, such as the kind of work being performed and the processes that are in place. Organisations with collaboration tools and email in the cloud should focus on access and policy controls, but healthcare systems should think about data isolation and encryption, the company said.
The scanning service IBM Managed Security Services Hosted Vulnerability Management checks all packets going in and out of network devices, servers, Web applications, and databases.
IBM Security Virtual Server Protection for VMware integrates “introspection monitoring,” said Hilling, where a virtual doorman scans all traffic outside the virtual machine to detect potential malware attacks, and the operating system inside to confirm it is running properly. The protection checks whether any malicious code is running, such as root-kits, said Hilling. As this is tied to the hypervisor and protects the virtual machines from the ground up, this is available only for VMware hypervisors, said Hilling. The virtual doorman hooks into the security APIs available with the yet-to-be-released VMware Fusion 4, according to Hilling. IBM is exploring adding other hypervisor support, he said.
The IBM Watson and Zurich research laboratories are working on security projects that enable enhanced data integrity, recovery, privacy, and customer isolation in a public cloud environment. While not available as an off-the-shelf product, IBM recently deployed these enhanced services within its own environments, into the IBM Smart Business Test and Development cloud, Hilling said.
The projects provide “infrastructure hardening,” or stronger isolation between different workloads, said IBM. Verifying the integrity and correct configuration of each component prevents low-level attacks such as spoofing, IBM said.
IBM is committed to showing that “the cloud can be a completely secure environment, provided the right measures are in place,” said Hilling.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…