IBM Intros Multicloud Data Security

IBM (NYSE: IBM) this week took aim at protecting data and AI workloads in hybrid cloud and multicloud environments with the announcement of an IBM Cloud Security and Compliance Center Data Security Broker (IBM DSB).

The IBM DSB addresses an urgent problem for enterprises with hybrid and multicloud estates: namely, that data existing across platforms must be encrypted at the level of the data itself. According to IBM, it’s no longer sufficient to support compliance posture management and workload protection – application-level security is a must.

Data protection is vital across several dimensions: Regulations worldwide are increasingly focused on data privacy – examples include the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI-DSS) in the U.S. and the General Data Protection Regulation (GDPR) in Europe, to name just three of many.

The use of data analytics and AI increases the need for data protection. If a company uses large language models (LLMs), how can it guarantee that the data it uses to train those models will remain private? IBM’s answer is its new DSB.

A Little Help from Baffle

To achieve data protection, IBM has packed its proprietary data encryption based on key management services with technologies offered by Baffle Inc., a Santa Clara, Calif.-based startup founded in 2015 by Ameesh Divatia (ex-Incarta, Lightwire/Cisco), now CEO; and Priyadarshan Kolte (ex-Texas Multicore Technologies, PMC-Sierra, Motorola Semiconductor), now CTO. Baffle’s expertise lies in adapting a range of technologies to protecting data at rest and in motion, right down to the field or record level. The resulting combination with IBM’s encryption functionality allows IBM to claim data protection across clouds.

Baffle CEO Divatia stated in a blog:

“IBM … can cryptographically guarantee that IBM Cloud administrators cannot see their clients’ data when using DSB. This capability is paramount to Data Security Broker’s ability to enable data movement across cloud environments and outside the organization.”

Baffle has raised $36.5 million backed by a range of investors that include Celesta Capital, National Grid Partners, Lytical Ventures, Nepenthe Capital, and several others. It has 55 employees listed on LinkedIn. The company has several high-profile partners in addition to IBM, including AWS, HashiCorp, Microsoft, Nutanix, and Snowflake.

More Security Functions for IBM Cloud

The IBM DSB becomes part of a cloud-native applications protection platform (CNAPP) called the IBM Cloud Security and Compliance Center. And IBM has added a series of other enhancements to the suite. These include hot security acronyms: enhanced cloud security posture management (CSPM) and cloud infrastructure entitlement management (CIEM), which together identify and remediate vulnerabilities, including threats to hosts and containers. The latter is based on Falco, an open-source, cloud-native security tool for Linux.

IBM has also added automation for developers and supply chain risk assessment. Expanded compliance capabilities, set for release in Q4 of 2023, will automate the implementation and management of compliance controls. This generalizes the kinds of capabilities included in the IBM Cloud for Financial Services, which helps enterprises in that vertical with regulatory compliance, security, and resiliency.

Futuriom Take: Our research indicates that enterprises make security a top priority. IBM’s announcement shows IBM has its finger on the pulse of enterprise demand. The partnership with Baffle Inc. prompts questions about the startup as a potential acquisition for IBM or another top partner.