Featured Stories

Bringing Sophisticated Security and AI to the IBM Cloud

There are two major themes that bookend the enterprise conversation about cloud adoption. On one hand, businesses are compelled to move more workloads to the cloud to seize the new opportunities presented by AI, Machine Learning, IoT or even next-generation quantum computing or risk getting left behind.

On the other hand, concerns about security and privacy may cause concerns about moving too quickly. In both cases, the path forward is complex, often requiring talent and technology that is hard to come by. Today at Think 2018, IBM is making a number of announcements that address both the innovation opportunity of AI and the need to strengthen security for the cloud.

With these additions, IBM is simplifying how enterprises can securely bridge to the public cloud by helping to address their needs throughout the journey, from accelerating the migration of existing workloads to the cloud to modernizing and extending existing apps to delivering tools to build next-gen cloud native apps.

First Cloud Services with Mainframe-Level Data Protection

Cloud adoption is increasing at a rapid pace, but security and data concerns still remain barriers to adoption. Consider these facts:

  • According to a recent study from the Ponemon Institute, just 40 percent of all data stored in the cloud is secured with encryption and key management solutions, and according to the Breach Level Index, of the nearly 10 billion records breached since 2013, only 4 percent of the stolen data was encrypted and therefore rendered useless to the hackers;
  • A second Ponemon Institute survey pointed out that in security of privileged users, 80 percent of threats are internal, and 58 percent of IT Operations and Security Managers believe their organizations are unnecessarily granting access to individuals beyond their roles and responsibilities.

To help clients overcome these barriers, IBM is unveiling the first cloud services with mainframe-level data protection. Now, developers and clients can build, deploy and host applications with an industry-leading data protection that encrypts information in memory, in transit and at rest. This technology is designed to help protect against insider threats.

The new IBM Cloud Hyper Protect family includes four new services that are made possible by bringing IBM Z into IBM’s global public cloud data centers. Through the IBM Cloud catalog, developers can gain easy access to industry-leading security capabilities to modernize their applications in the IBM Cloud. This includes:

  • IBM Cloud Hyper Protect Crypto Services are designed to enable developers to infuse security with data encryption and key management capabilities into their modern applications. These new services bring the capability of IBM Z to the IBM Cloud through the same state-of-the-art cryptographic technology relied upon by leading banks and financial institutions. This service supports secure key operations and random number generation via IBM Z cryptographic hardware. This is the industry’s first and only Cloud HSM Solution built with FIPS 140-2 Level 4 certified technology offered by a public cloud provider, and is the same technology that is the backbone of IBM’s Enterprise Blockchain Platform solution.
  • IBM Cloud Hyper Protect DBaaS is designed to enable enterprises to protect cloud-native database services, such as MongoDB – EE, with data stores that are security-rich and private. This is ideal for highly regulated industries that are responsible for sensitive personal data (SPI) such as credit card numbers, financial data, social security numbers and more.
  • IBM Cloud Hyper Protect Containers are designed to enable enterprises to deploy container-based applications and microservices, supported through the IBM Cloud Container service, that handle sensitive data with a security-rich Service Container Systems environment in IBM Z/LinuxOne platform. This environment is built with IBM LinuxONE Systems that offer extreme security, designed for EAL5+ isolation and Secure Services Containers technology that are designed to prevent privileged access from malicious users and Cloud Admins.
  • IBM Cloud Hyper Protect Developer Starter Kits are designed to enable iOS developers to safeguard credentials, services and data using the Hyper Protect cloud services when building enterprise apps on IBM Cloud. This complements the high level of security of Apple devices.

Today’s news builds on the work IBM already has done to enable continuous security for cloud apps. Get started with the new IBM Cloud Hyper Protect services by visiting: ibm.com/cloud/hyper-protect-services.

Accelerating AI with POWER9 on the IBM Cloud As IBM continues to alleviate security concerns in the cloud, this helps open the door for clients to gain greater value from it. Deep learning is one of the hottest areas of AI today, and data science teams across all industries are active in developing fit-for-purpose deep learning models, which provide function and insights custom to industry problems and datasets. To be successful in leveraging AI or developing new machine learning models, enterprises need access to hardware that is purpose-built to meet the rigorous demands of these workloads and support in setting up, maintaining and delivering new AI frameworks and services that streamline the development process. To address all of these needs, IBM is introducing:

  • POWER9 on IBM Cloud – IBM will deliver its next-generation Power Systems Servers incorporating its newly designed POWER9 processor to the IBM Cloud. Built from the ground up and specifically designed for compute-intensive AI workloads, the new POWER9-based AC922 systems with NVIDIA Tesla V100 GPUs connected via the high-speed NVLink interface are capable of improving the training times of deep learning frameworks by nearly 4 times[1]. This can help data scientists train more accurate AI models, faster.
  • PowerAI on IBM Cloud – IBM is bringing the simplest on-ramp to deep learning applications. In a pre-optimized, binary software package, PowerAI is an enterprise software distribution of the open source community’s popular deep learning frameworks like Tensorflow, Torch, and Caffe. What could have taken days to install and configure, now takes minutes. PowerAI also comes with features such as auto-hyperparameter tuning and distributed deep learning enabling data scientists to train models within minutes, meaning they can get better insights, faster.
  • SAP HANA on Power Systems on IBM Cloud – IBM is introducing a new SAP-certified IBM Cloud managed application service for SAP HANA workloads. Through this integrated approach of hardware and software, IBM is the first to offer this level of cloud support for massive workloads of up to 24 TB by using IBM Power Systems and IBM Storage. Learn more at IT Biz Advisor.


This story first appeared on IBM THINK Blog

Learn more about new IBM Cloud services for AI and security at Think 2018, 19-22 March.

[1] Results are based on IBM Internal Measurements running the CUDA H2D Bandwidth Test Hardware: Power AC922; 32 cores (2 x 16c chips), POWER9 with NVLink 2.0; 2.25 GHz, 1024 GB memory, 4xTesla V100 GPU; Ubuntu 16.04. S822LC for HPC; 20 cores (2 x 10c chips), POWER8 with NVLink; 2.86 GHz, 512 GB memory, Tesla P100 GPU  Competitive HW: 2x Xeon E5-2640 v4; 20 cores (2 x 10c chips) / 40 threads; Intel Xeon E5-2640 v4; 2.4 GHz; 1024 GB memory, 4xTesla V100 GPU, Ubuntu 16.04


General Manager, IBM Z

John Considine

General Manager, IBM Cloud Infrastructure Services