Last updated: 17 May 2018
We use cloud applications everywhere, across many different facets of a company; expenses, project workflows, product development and sales and marketing. Applications are often linked to a company’s central system and if left insecure, end up serving as a gateway for malicious outsiders. They are also increasingly the targets of cyber-attackers to gain privileged access, steal data or manipulate information. In fact, in 2017, only 1% of the 2.6 billion records stolen were encrypted according to the new Breach Level Index findings.
Data protection, or encryption, is moving from a “best practice” to a business necessity with the digital transformation and the changing regulatory environment. In fact, Gemalto and Ponemon Institute’s 2018 Global Cloud Data Security Study found just over two-thirds (67 percent) of IT and security practitioners agreed they’re committed to protecting confidential or sensitive information in the cloud; even fewer than that (47 percent) said they are proactive in managing compliance with privacy and data protection regulations in cloud environments.
There is the ongoing debate in the industry about the merits of hardware security versus software security. But, today, many enterprises are looking to Hardware Security Modules (HSMs) to protect critical corporate applications and data. HSMs provide the added levels of security needed to meet compliance and regulation requirements for data encryption and high-assurance encryption key protection. With the introduction of Europe’s General Data Protection Regulation (GDPR), Australia’s Privacy Act (APA) and the United States’ Cloud Act many companies will turn to HSM technology to help manage their application and data security.
There are obvious challenges of implementing hardware security (cost, space, resources, and personnel), but partnerships and integrations are aimed at helping all companies have access to hardware security with an easy road to deployment. Gemalto and IBM are doing just that and have teamed up to minimize complexities and the cost (money and time) to organizations.
So, what exactly is an HSM and how are Gemalto and IBM working together?
An HSM is a piece of hardware which processes all cryptographic operations and does not allow encryption keys to leave the secure cryptographic environment. Data, shared, stored or in motion, is encrypted at its point of creation and companies can execute and maintain their own data protection policies in the cloud. IBM Cloud now uses Gemalto’s SafeNet Luna HSM technology for its newly released IBM Cloud HSM 7.0. This solution gives customers ease of access to 60 IBM data centers around the world that they can use to solve their compliance and data sovereignty challenges. And with FIPS 140-2 Level 3 certification, IBM Cloud HSM 7.0 is designed to make sure that enterprises receive a reliable and secure solution for the management of their cryptographic assets.
You can learn more about how IBM Cloud HSM is making application security in the cloud easy by clicking here. You can also visit this resource to learn more about the SafeNet Luna HSM technology that underpins IBM’s latest cloud-based offering.
For additional technical information, you can find the links below for our SafeNet Luna 7.0: