Friday, 29 March 2019

IBM Cloud Hyper Protect Crypto Services is Now Available on IBM Public Cloud

A new offering from my IBM Z organisation: -

...
IBM offers now two choices for key management. IBM Cloud Key Protect supports Bring Your Own Key (BYOK) for protecting data at rest. Today, IBM Cloud is announcing the general availability of IBM Cloud Hyper Protect Crypto Services, a dedicated Key Management and Cloud HSM Service designed especially for customers looking for greater control over their data encryption keys and the hardware security modules (HSMs) that protect these keys. The service is now available in US South region, based out of Dallas, Texas.

 Hyper Protect Crypto Services supports Keep Your Own Key (KYOK), which allows data encryption keys to be protected by a dedicated, customer-controlled HSM that uses FIPS 140-2 Level 4 certified hardware. Built on IBM LinuxONE technology and being part of the IBM Cloud Hyper Protect portfolio of services, this service guarantees that privileged users—including IBM Cloud administrators—have no access to customer keys. This provides an ideal base to onboard sensitive apps to the cloud. Key Protect and IBM Cloud Hyper Protect Crypto Services use a common Key Provider API to provide a consistent approach for managing keys.
...
High availability and disaster recovery: IBM Cloud Hyper Protect Crypto Services, which now supports three availability zones in a selected region, is a highly available service with automatic features that help keep your applications secure and operational. You can create IBM Cloud Hyper Protect Crypto Services resources in the supported IBM Cloud regions, which represent the geographic area where your IBM Cloud Hyper Protect Crypto Services requests are handled and processed.

 Scalability: The service instance can be scaled out to a maximum of six crypto units to meet your performance requirement. Each crypto unit can crypto-process 5,000 keys. In a production environment, it is recommended to select at least two crypto units to enable high availability. By selecting three or more crypto units, these crypto units are distributed among three availability zones in the selected region.
...

 IBM Cloud Hyper Protect Crypto Services is Now Available on IBM Public Cloud
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...