‘The system makes it possible to encrypt every level of a network’

IBM, one of the world’s largest technology companies said that it had achieved a breakthrough in security technology that would allow enterprises from banks to health care companies to retailers to encrypt their customer data at a large scale.

The New York-based technology major said its system makes it possible for the first time to ‘pervasively encrypt’ every level of a network, from applications to cloud services and databases and prevent theft of information.

This has been made possible by IBM Z (z14), a next-generation mainframe unveiled by the company in July. It is capable of running more than 12 billion encrypted transactions per day.

“Data is the currency. It is equivalent to the future energy,” said Gururaj S. Rao, IBM Fellow and vice president, Systems Integrators, IBM z Systems, in an interview. He said that digitisation was providing value, but was coming with the challenge of information security as “data theft is on the increase.”

Indian team

IBM, which reported a revenue of $79.9 billion in 2016, said that its India hardware and firmware team had made significant contributions to the z14 system and microprocessor development. It said that more than 100 engineers from its India labs worked on key components of both the core and the processor in the areas of logic design, verification, custom circuit design and tool development. The team has also contributed to the base firmware development, next-generation input/output enablement and in building newer virtualisation management capabilities.

One of the key units designed by the India team is the encryption unit, that gives an unparalleled security feature to the z14 mainframe, said Mr. Rao.

Known as ‘big iron’, a mainframe is a high-performance computer used primarily by large organisations for applications such as credit card payments, flight bookings and ATM transactions.

Pervasive encryption

Of the more than nine billion data records lost or stolen since 2013, only 4% were encrypted, according to IBM. This makes the vast majority of such data vulnerable to organised cyber crime rings, state actors and employees misusing access to sensitive information. The company said IBM Z’s new data encryption capabilities are designed to address the global epidemic of data breaches, a major factor in the $8 trillion cybercrime impact on the global economy by 2022.

Mr. Raosaid that data could be travelling, sitting on a cloud device or on the application. He said the new system could encrypt everything without requiring application level changes. “Regardless of where the data is, we will protect it. Other than IBM, no other vendor has been able to do it,” said Mr. Rao, a PhD from Stanford University.

Another concern for users is the protection of encryption keys. In large firms, hackers often target encryption keys, which are routinely exposed in memory as they are used, the company said.

It said IBM Z can protect millions of keys, as well as the process of accessing, generating and recycling them. It does this in ‘tamper responding’ hardware that causes keys to self-destruct at any sign of intrusion and they can then be reconstituted in safety.

The Big Blue said it was now betting big on India to sell its new system to customers such as the government, large banks and healthcare companies. Viswanath Ramaswamy, director, Systems, IBM India and South Asia, said that with the growth in digital transactions in India across banking, finance and government, “our focus is to work with our ecosystem of partners and developers to deliver these new capabilities of IBM z14.”.