Government // Mobile & Wireless
News
10/22/2010
01:38 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

IBM Targets Cloud Computing With Security Infrastructure, Services

Seeking to allay widespread fear of data breaches, IBM introduces security assessments, SaaS offerings and hosted vulnerability management.

Slideshow: Cloud Security Pros And Cons
Slideshow: Cloud Security Pros And Cons
(click image for larger view and for full slideshow)
IBM on Wednesday announced initiatives aimed at overcoming many enterprises' current hesitation over adopting cloud computing: security.

According to a study also released on Wednesday by IBM, 77% of businesses think that adopting cloud computing requires privacy trade-offs, 50% worry that clouds lead to data breaches, and 23% fear that cloud computing will weaken corporate security. Those results come from a global survey of 556 IT managers.

To help address those security concerns, IBM outlined these moves: strategy roadmaps and security assessments; actual SaaS offerings, such as hosted security event and log management; and hosted vulnerability management.

In addition, IBM said it has research projects under way aimed at bolstering cloud security. Its Integrated Trusted Virtual Data Center project aims to harden everyday infrastructure by isolating more of its components.

For example, the underlying security mechanisms can "verify the integrity and correct configuration of infrastructure components, such as hypervisors, to help prevent low-level attacks such as spoofing or deceiving computer systems or other computer users by hiding or imitating one's Internet identity." Some of those capabilities have been added to the IBM Smart Business Test and Development cloud, as well as to IBM Systems Director VMControl.

Moreover, IBM has added "introspection monitoring" to its IBM Virtual Protection System. This capability provides a more holistic approach to virtualization security than current introspection systems do, said IBM, because it can look beyond just the inside of any given virtual machine. IBM said the capability "detects potential malware attacks from outside the virtual machine and scans the operating systems inside to confirm they are running properly." Accordingly, it can detect the presence of malicious code or exploits aimed at fooling the virtualized operating systems into granting inappropriate access rights.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.