IBM doubled down on confidential computing with Fortanix and said its Fortanix-powered IBM Cloud Data Shield now supports containerized applications on IBM Cloud Kubernetes and RedHat OpenShift. This allows businesses to move and secure applications in the public cloud by running them in a secure enclave on Intel Software Guard Extension (SGX) hardware.
Intel SGX is hardware-based technology that isolates specific application code and data to run in private regions of memory, thus protecting select code and data from disclosure or modification.
IBM Cloud Data Shield is based on Fortanix’s technology that runs on Intel SGX hardware and encrypts data at rest, in transit, and while in use, thus allowing general-purpose computation on encrypted data. The companies first partnered on the cloud-delivered security service in late 2017 and made Cloud Data Shield (formerly called Cloud Data Guard) generally available earlier this year.
About 10 customers including banks and financial institutions use the confidential computing service, said Nataraj Nagaratnam, CTO and director of cloud security for IBM’s Cloud and Cognitive Software business unit.