Privacy

IBM Enlists Intel to Shore Up Hybrid Cloud

Despite the growing momentum behind cloud computing in recent times, security concerns have been a drag on adoption. IBM sought to reduce that resistance by announcing on Monday that it would start using Intel chip technology to better secure its SoftLayer cloud platform.

When combined with hardware manufactured using Intel’s Trusted Execution Technology, SoftLayer can offer customers monitoring and security down to the chip level, IBM said. The Intel technology can be especially reassuring to enterprises running hybrid clouds — that is, those in which operations carried out in a private cloud within an organization are shared with a public cloud run by IBM.

“Security perception remains the biggest hurdle for widespread enterprise cloud adoption,” said SoftLayer CTO Marc Jones. “SoftLayer is the only bare-metal cloud platform offering Intel TXT, leading the industry in enabling customers to build hybrid and cloud environments that can be trusted from end-to-end.”

A concern of organizations in tightly regulated industries — healthcare, for example, or financial services — is that cloud providers can’t meet the compliance requirements of regulators.

SoftLayer with Intel TXT addresses that issue by ensuring that trusted resources can be integrated, managed and reported on compliance frameworks such as HIPAA, PCI, FedRAMP, ISO, FISMA and SSAE16.

As Good as Private Security

Organizations also have raised concerns about public clouds lacking the robust security of a local IT infrastructure. Not so with the IBM and Intel offering, maintained Intel Security Group Vice President Rick Echevarria.

“It is becoming increasingly important to provide cloud environments with the same, if not greater levels of security as your on premise technology environments,” he said.

“By building on IBM’s history of security innovation, with this solution based on Intel TXT, SoftLayer is demonstrating that such levels of cloud security are now possible and available,” added Echevarria.

In the aftermath of Edward Snowden’s revelations about NSA snooping on U.S. cloud server providers, some nations have moved to keep their data within their borders. SoftLayer can now make that easier by leveraging third-party software with Intel TXT to limit data decryption to specific geolocated servers in support of local data privacy laws.

Making it easier to impose georestrictions on data may solve one problem for an organization, but it may open others, pointed out Jim Reavis, CEO of the Cloud Security Alliance.

“That’s somewhat antiquated thinking, but it’s something that we will need to address for the next few years,” he told the E-Commerce Times.

“Hard-coding requirements that information be in a certain geography can cause you to lose some of the benefits of the cloud — agility and elasticity,” Reavis added, “so in the long term, we don’t think that’s a good approach.”

Vendor Lock-In

To gain the advantages of Intel TXT, IBM’s SoftLayer customers need to buy bare metal servers with a Trusted Platform Module installed on them. TPM is a chip, based on international standards, used to ensure a system hasn’t been tampered with.

Because the level of security IBM is promising can be achieved only with an Intel solution, organizations that buy into the approach may not be able to exit it gradually.

“Intel is putting together a solution and saying, ‘Use our chips because we provide an extra level of security,'” said Davi Ottenheimer, president of Flyingpenguin.

“They’re also saying, ‘Don’t buy other chips,'” he told the E-Commerce Times.

“If you can’t commoditize the level of trust that they’re building, then you get into a single vendor option, which rubs against the whole premise of the cloud,” Ottenheimer said.

However, that can be a way for IBM to differentiate SoftLayer from other cloud offerings that use commodity gear.

“IBM is spending a whole bunch of money to get some incremental gains, but they’re also locking themselves into these Intel chips,” Tal Klein, vice president of marketing at Adallom, told the E-Commerce Times. “It’s trying to offer a premium service not built on commodity gear.”

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories
More by John P. Mello Jr.
More in Privacy

E-Commerce Times Channels