IBM has today announced a data encryption breakthrough, which makes it possible to protect all data/all the time for entire cloud services, applications and data bases in one click — to take on both the global data breach epidemic and a surge in government regulation.
It’s set to be its most significant system, but necessary, overhaul from IBM in more than 15 years: IBM Z. In 2016, more than 4 billion data records stolen or lost, a 556% increase over 2015 – a major factor in the $8 trillion cybercrime impact on the global economy by 2022. Of the 9 billion records breached the past 5 years, only 4% were encrypted. Even with rise of cloud data centres – no progress has been made encrypting data at any scale because it is difficult and expensive.
At the same time, the technology giant has announced the creation of 6 blockchain dedicated data centres based on the new mainframe capabilities. This represents the biggest re-invention and expansion of its mainframe technology since it re-made the platform to virtualise Linux and open source software 15 years ago -today these open workloads are about 50% of the IBM Z business.
With a 400% increase in silicon dedicated to cryptographic algorithms and reworking of its software stack, IBM Z is the first system capable of encrypting all data associated with any application, cloud service or database all the time – cheaply and easily without any software changes. Until now, companies, even with Z, have had to selectively encrypt data. Together with a new container pricing model, IBM is removing any obstacles to “encrypting everything all the time.”
Z represents the next generation of the world’s most powerful transaction system, capable of running more than 12 billion encrypted transactions per day. The new system also introduces a breakthrough encryption engine that, for the first time, makes it possible to pervasively encrypt data associated with any application, cloud service or database all the time.
“The vast majority of stolen or leaked data today is in the open and easy to use because encryption has been very difficult and expensive to do at scale,” said Ross Mauri, General Manager, IBM Z. “We created a data protection engine for the cloud era to have a significant and immediate impact on global data security.”
A recent study found that extensive use of encryption is a top factor in reducing the business impact and cost of a data breach.
Encryption is often largely absent in corporate and cloud data centres because current solutions for data encryption in x86 environments can dramatically degrade performance (and thus user experience), and can be too complex and expensive to manage. As a result, only about 2% of corporate data is encrypted today, while more than 80% of mobile device data is encrypted.
This new chapter reflects a call to action on data protection articulated by chief information security officers and data security experts worldwide, and more than 150 IBM clients around the world who participated and provided feedback in IBM Z’s system design over three years.
As a result of this collaboration, IBM Z brings significant advances in cryptography technology, building on a proven encryption platform that safeguards the world’s banking, healthcare, government and retail systems.
Pervasive encryption of data – all the time
According to IBM, Z makes it possible, for the first time, for organisations to pervasively encrypt data associated with an entire application, cloud service or database in flight or at rest with one click.
The standard practice today is to encrypt small chunks of data at a time, and invest significant labor to select and manage individual fields. This bulk encryption at cloud scale is made possible by a massive 7x increase in cryptographic performance over the previous generation z13 – driven by a 4x increase in silicon dedicated to cryptographic algorithms. This is 18x faster than compared x86 systems (that today only focus on limited slices of data) and at just five percent of the cost of compared x86-based solutions.
“The pervasive encryption that is built into, and is designed to extend beyond, the new IBM Z really makes this the first system with an all-encompassing solution to the security threats and breaches we’ve been witnessing in the past 24 months,” said Peter Rutten, analyst at IDC’s Servers and Compute Platforms Group.
Tougher data protection regulations
This new offering from IBM is also a response to tougher data protection regulations that have come into effect, or are coming into effect in the next year – like the EU General Data Protection Regulation.
IBM Z will help clients build trust with consumers and comply with new standards such as the GDPR that will increase data protection requirements for organisations doing business in Europe starting next year, according to IBM.
GDPR will require organisations to report data breaches to the regulatory authority within 72 hours and face fines of up to four percent of annual worldwide revenues or 20 million Euro, unless the organisation can demonstrate that data was encrypted and the keys were protected.
At the US Federal level, the Federal Financial Institutions Examination Council (FFIEC), which includes the five banking regulators, provides guidance on the use of encryption in the financial services industry. Singapore and Hong Kong have published similar guidance. More recently, the New York State Department of Financial Services published requirements regarding encryption in the Cybersecurity Requirements for Financial Services Companies.
Secure blockchain service
Banks and others in the financial services industry process thousands of transactions per second to keep the world’s financial systems running. The mainframe is more critical than ever for reliably handling high volumes of transaction data.
As blockchain applications become increasingly integrated into core business processes, client’s concerns are naturally shifting to security, encryption, and resiliency – 6 new blockchain services in centres in Dallas, London, Frankfurt, Sao Paolo, Tokyo and Toronto are secured using IBM Z’s industry-leading cryptography technology to help businesses realise this necessary-level of transaction encryption.
“The powerful combination of IBM Z encryption and secure containers differentiates IBM Blockchain services on the cloud by supporting the trust models new blockchain networks require,” said Marie Wieck, general manager, IBM Blockchain. “Enterprise clients also benefit from the ease of use making management transparent to the application and the user.”
The UK’s largest conference for tech leadership, Tech Leaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here