The Schwartz
Cloud Report

Blog archive

IBM Vets IaaS Customers To Ensure Security

I have yet to talk to a cloud provider that doesn't emphasize the security of its services. So it should come as no surprise that when I talked to executives overseeing IBM's cloud efforts last week at the company's Partnership Leadership Conference in New Orleans, security was a critical part of the conversation.

IBM's cloud security framework brings together assets from its Tivoli security software business and Rational development tools unit, as well as its identity management and data security approaches embedded into its servers, storage and various software offerings ranging from development tools to middleware and its business analytics software.

But when it comes to SmartCloud Enterprise, the company's public cloud Infrastructure as a Service (IaaS), IBM's approach to security begins with a simple prerequisite: You must be a known customer before it will host your data, explained Rich Lechner, vice president of cloud for IBM's Global Technology Services business.

"An individual can't simply sign up with a credit card," Lechner said. "The reason being, in a multitenant environment like that, part of the security model says you have to know who else is in the building. "A lot of other cloud providers don't offer that level of security. They are not managing or ensuring the identity of the other tenants."

Lechner acknowledged that this extra process has a downside. "It slows the on-boarding process because you now have to validate the client, but we believe, and our clients believe, that the benefits in terms of security outweigh the negatives of the slower on-boarding process."

Lechner also said IBM is using cloud technologies to power its global Security Operations Center (SOC), which he said tracks 5 billion security events daily. Hundreds of researchers who collaborate via this cloud discover between 50 and 300 brand-new, never-before-seen threats worldwide, Lechner said. They assess, identify and resolve those threats and provide inoculations and distribute them to IBM's 2,000 managed services clients, usually within 24 hours. Known threats are inoculated typically within minutes, according to Lechner.

"It's an interesting utilization of the cloud, in the sense that it leverages the processing, analytical and global reach."

Posted by Jeffrey Schwartz on March 05, 2012 at 10:38 AM


Featured

  • Feds Takes Action Against Russian Firms for Spying

    The U.S. Department of the Treasury has issued sanctions against Russia and a handful of Russian organizations for spying and other cyberactivities.

  • Microsoft Previews 64-Bit OneDrive Client for Windows 10

    A preview of a 64-bit OneDrive client for x64 Windows 10 systems is now available for work, school or home users.

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • Microsoft Adds Data Loss Prevention Alerts to Compliance Toolbox

    The latest part of Microsoft's overall compliance tooling is its Data Loss Prevention Alerts Dashboard, now generally available.