IBM Cloud Delivers Quantum-Safe Cryptography and Hyper Protect Crypto Services to Help Protect Data in the Hybrid Era
ARMONK, N.Y., Nov. 30, 2020 /PRNewswire/ -- IBM (NYSE: IBM) today announced a series of cloud services and technologies designed to help clients maintain the highest available level of cryptographic key encryption protection to help protect existing data in the cloud1 and prepare for future threats that could evolve with advances in quantum computing. Pioneered by IBM Research scientists, the company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud®, making it the industry's most holistic quantum-safe cryptography approach to securing data available today.
The new capabilities include:
"As our reliance on data grows in the era of hybrid cloud and quantum computing capabilities advance, the need for data privacy is becoming even more critical. IBM now offers the most holistic quantum-safe approach to securing data available today and to help enterprises protect existing data and help protect against future threats," said Hillery Hunter, Vice President and Chief Technology Officer, IBM Cloud. "Security and compliance remain front and center for IBM Cloud as we continue to invest in confidential computing and our leading encryption capabilities to help enterprises of all kinds – especially those in highly regulated industries – keep data secured."
Preparing for future threats with Quantum-Safe Cryptography Support
Today, as the next step in that agenda, IBM is bringing its industry-leading encryption capabilities built by IBM Research cryptographers to help clients with a quantum-safe cryptography approach for their data-in-transit within IBM Cloud. The capabilities are designed to help enterprises prepare for future threats and can be useful against attacks in which malicious actors harvest encrypted data today with the intent to decrypt it later as quantum computing advances.
IBM Key Protect, a cloud-based service that provides lifecycle management for encryption keys that are used in IBM Cloud services or client-built applications, has now introduced the ability to use a quantum-safe cryptography enabled Transport Layer Security (TLS) connection – helping to protect data during the key lifecycle management.
In addition, IBM Cloud is also introducing quantum-safe cryptography support capabilities to enable application transactions. When cloud native containerized applications run on Red Hat® OpenShift® on IBM Cloud or IBM Cloud Kubernetes Services, secured TLS connections can help application transactions with quantum-safe cryptography support during data-in-transit and protect from potential breaches.
Protecting sensitive data with IBM Cloud Hyper Protect Crypto Services
Today, IBM Cloud is also delivering new capabilities to help secure application transactions and sensitive data using IBM Cloud Hyper Protect Crypto Services, which offer the industry's highest level of cryptographic key encryption protection by providing customers with 'Keep Your Own Key' (KYOK) capability. Built on FIPS-140-2 Level 4-certified hardware – the highest level of security offered by any cloud provider in the industry for cryptographic modules2 – this allows clients to have exclusive key control, and therefore authority over the data and workloads protected by the keys.
Designed for application transactions where there is a deeper need for more advanced cryptography, IBM Cloud clients can keep their private keys secured within the cloud hardware security module while offloading TLS to IBM Cloud Hyper Protect Crypto Services to help establish a secure connection to the web server. They can also achieve application-level encryption of sensitive data, such as a credit card number, before it gets stored in a database system.
Continuing to address the security demands of clients and highly regulated industries
Furthering its commitment to security and compliance, IBM continues to collaborate with its industry peers to make further progress in standardization initiatives. For example, security best practices on IBM Cloud are now available as a Center for Internet Security (CIS) Foundations benchmark for IBM Cloud, and IBM Research cryptographers are key contributors to the QSC algorithms that are short listed in the National Institute of Standards and Technology (NIST).
IBM, the IBM logo, and IBM Cloud are trademarks or registered trademarks of IBM Corp., in the U.S. and/or other countries.
Red Hat® and OpenShift® are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the United States and other countries.
About IBM Cloud
1 Encryption keys and cryptographic operations are protected with highest level certified HSM - with Hyper Protect Crypto services: FIPS 140-2 Level 4.
2 Based on IBM Hyper Protect Crypto Service, the only service in the industry built on FIPS 140-2 Level 4-certified hardware. FIPS 140-2 Security Level 4 provides the highest level of security defined in this standard. At this security level, the physical security mechanisms provide a comprehensive envelope of protection around the cryptographic module with the intent of detecting and responding to all unauthorized attempts at physical access.
View original content to download multimedia:http://www.prnewswire.com/news-releases/ibm-cloud-delivers-quantum-safe-cryptography-and-hyper-protect-crypto-services-to-help-protect-data-in-the-hybrid-era-301181556.html