IBM Cloud is introducingIBM Cloud Sovereignty Risk Profile, a new tool designed to help give enterprises the visibility, evidence, and operational control needed to demonstrate how they are addressing digital sovereignty requirements with greater confidence.
IBM Cloud Sovereignty Risk Profile is the latest capability from IBM Cloud, which has a long history of working with clients in highly regulated industries to help them responsibly manage valuable enterprise data, according to IBM.
The new tool is also a part of IBM’s larger portfolio of digital sovereignty offerings, which includes the recent launch ofIBM Sovereign Core, a new software platform designed to help organizations build and operate AI-ready sovereign environments and verify their control.
IBM Cloud’s approach to digital sovereignty is built on four foundational pillars that define what sovereignty requires:
- Provability– Ability todocumentcompliance, not just claim it
- Prevention– Retainexclusive controlover data through encryption
- Privacy– Choosewhereandhowworkloads run
- Portability– Avoid lock-in and maintainfreedom of movement
Visibility is the foundation of sovereignty. Without it, organizations cannot demonstrate that operational controls align with legal mandates, IBM said.
The newIBM Cloud Sovereignty Risk Profileis integrated intoIBM’s Security and Compliance Center Workload Protection(SCC-WP), a platform designed to help clients simplify their compliance obligations, manage security and gain insights across their hybrid multi-cloud environments. With continuous monitoring to help enterprises assess that controls are operating across cloud workloads, IBM Cloud Sovereignty Risk Profile aims to give enterprises and governments a practical way to assess and measure control for a host of requirements, including data residency, encryption, resilience, concentration risk and operational independence as AI workloads scale and regulatory oversight intensifies.
IBM’s Keep Your Own Key (KYOK) technology, delivered throughIBM Key Protect for IBM Cloud, is designed to help clients maintain exclusive control over encryption keys. These keys are designed to be backed by FIPS 140-3 Level 4 certified hardware, the highest assurance level for cryptographic protection.
IBM Cloud believes clients should have the freedom to choose platforms, locations and operational models. IBM’s enterprise-grade cloud platform is designed to give clients the flexibility they need to meet regulatory and operational requirements through a range of deployment models. These include dedicated Multizone Regions (MZRs) that operate in-region and allow for public-cloud scale paired with private-cloud security, single-tenant cloud environments to allow for maximum controls, and in some regions, partnerships with local operators that enable data centers to be run by local citizens to help meet strict data protection requirements.
IBM Cloud is built on open technologies, including Red Hat OpenShift, Kubernetes, and open APIs, to help enable interoperability and workload portability across environments. This architecture helps give clients freedom to move workloads across clouds and on-prem environments, address vendor lock-in, and enable consistent operations across hybrid and multi-cloud architectures.
For more information about this news, visit www.ibm.com.