IBM today announced a series of cloud services and technologies designed to help clients maintain the highest available level of cryptographic key encryption protection to help protect existing data in the Cloud and prepare for future threats that could evolve with advances in quantum computing.
The company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud®, making it the industry’s most holistic quantum-safe cryptography approach to securing data available today.
The new capabilities include:
- Quantum Safe Cryptography Support: Through the use of open standards and open source technology, this service enhances the standards used to transmit data between enterprise and Cloud, helping to secure data by using a quantum-safe algorithm.
- Extended IBM Cloud Hyper Protect Crypto Services: New capabilities are available to enhance privacy of data in cloud applications, where data sent over the network to cloud applications and sensitive data elements like credit card numbers, are stored in a database that can be encrypted at application-level – supported by the industry’s highest level of cryptographic key encryption protection with ‘Keep Your Own Key’ (KYOK) capability.
IBM Key Protect, a Cloud-based service that provides lifecycle management for encryption keys that are used in IBM Cloud services or client-built applications, has now introduced the ability to use a quantum-safe cryptography enabled Transport Layer Security (TLS) connection – helping to protect data during the key lifecycle management.
In addition, IBM Cloud is also introducing quantum-safe cryptography support capabilities to enable application transactions. When cloud native containerized applications run on Red Hat® OpenShift® on IBM Cloud or IBM Cloud Kubernetes Services, secured TLS connections can help application transactions with quantum-safe cryptography support during data-in-transit and protect from potential breaches.
Today, IBM Cloud is also delivering new capabilities to help secure application transactions and sensitive data using IBM Cloud Hyper Protect Crypto Services, which offer the industry’s highest level of cryptographic key encryption protection by providing customers with ‘Keep Your Own Key’ (KYOK) capability. Built on FIPS-140-2 Level 4-certified hardware – the highest level of security offered by any cloud provider in the industry for cryptographic modules – this allows clients to have exclusive key control, and therefore authority over the data and workloads protected by the keys.
Designed for application transactions where there is a deeper need for more advanced cryptography, IBM Cloud clients can keep their private keys secured within the cloud hardware security module while offloading TLS to IBM Cloud Hyper Protect Crypto Services to help establish a secure connection to the web server. They can also achieve application-level encryption of sensitive data, such as a credit card number, before it gets stored in a database system. (IBM)