Prepare for Future Security Threats
Petra Buhrer, offering manager for Power Systems software, describes how IBM is helping clients navigate multiple eras of risks and threats.
By Petra Bührer08/01/2019
Recent times have shown that security is more important than ever. Companies across industries and employees at all levels list security and compliance as one of their top concerns and have to make it a priority.
Breaches are costly, harmful to an enterprise’s reputation, lead to loss of trust and cause customer churn. These days, we’re no longer talking just traditional vulnerabilities. Hackers are getting more sophisticated and new types of threats and attacks are evolving. One example is side channel attacks such as Spectre and Meltdown that made the news in 2018. The IBM Power Systems* team has done a tremendous job in order to ensure that our complete POWER9* portfolio was shipped with Spectre and Meltdown fixes pre-installed, and have been busy since then to even better prepare for these new types of attacks with POWER10 infrastructure.
Another factor is the digital transformation we’re all finding ourselves in. No longer can you store and secure all of your data on a single server like you could 20 years ago. We’re in the era of cloud, the Internet of Things and mobile devices. Data no longer exists in a single, central place, but is distributed on all kind of devices, which creates security challenges. New technologies such as artificial intelligence and quantum computing promise immense improvements in how clients, partners and IBM run their businesses. On the flip side, these technologies offer new capabilities that could be leveraged for malicious activities and attacks.
That’s why IBM has begun developing solutions to prevent and counter malicious usage of these new technologies. One example is its collaboration with NIST on post-quantum cryptography; factorization algorithms will no longer be sufficient in the era of quantum computing due to the incredible computing power. One such algorithm under consideration by NIST is CRYSTALS-Kyber from the IBM Research lab in Zurich, which is derived from lattice problems. We’ve already have seen good results for CRYSTALS-Kyber key generation, encryption and decryption on our POWER9 systems.
Our fundamental approach to security has allowed us to navigate multiple eras of risks and threats, and address this new security landscape. One of our strengths is our deep integration—bottom to top—with various isolation controls in place to create strong fences between the different workloads running on our systems. Further, integrity controls make sure the workload running inside these separated areas is verified and hasn’t been tampered with. One key element of our overall security story is the IBM PowerVM* hypervisor running on mission-critical servers with an outstanding security track record compared to the competition.
Now, the Power platform is open, and that's one of IBM’s value propositions as well. In contrast to its enterprise systems, open Power Systems servers run KVM as their hypervisor and IBM is investing in that space in terms of security as well. Later this year IBM plans to launch its Protected Execution Facility, introducing the concept of secure objects to make sure sensitive workloads can be appropriately secured. This allows clients to run sensitive workloads in secure memory. Clients will know they are protected even if the KVM hypervisor was compromised.
Stay tuned for what's coming. Want to learn more now? Watch this brief Power Systems security overview.
Petra Bührer is an offering manager for IBM Power Systems (AIX; security).