IBM @CeBIT: Addressing the Cloud with Security

IBM will launch 18 additional availability zones (an isolated cloud instance inside a data center) for its cloud offering, thus expanding to many new regions and customers. IBM is attacking the competition with a recently received C5 certification (Cloud Computing Compliance Control Catalogue from the Germany BSI). PwC was the auditor. IBM also announced that all its infrastructure is C5-compliant and re-emphasized that the company does not – in contrast to most of its competitors – touch any customer data or use it for any algorithms or data pattern searches. Their mantra is: The data belongs to the customer, period.

This is an approach many customers look for, in particular in light of the European GDPR. Security and compliance questions are major concerns of enterprises. It might turn out that this becomes a major advantage for the IBM offering. First customers move their cloud engagements already back into privately managed cloud offerings not to fall into any GDRP traps. This might become expense. IBM supported its announcement with a number of high brand customers (among others, ExxonMobil, Credit Mutual and a series of Germany-based private general insurance companies).

Bottom line: Although IBM's growth rate in the cloud business has lost a bit of steam recently, stronger security and compliance requirements can lift IBM's cloud revenue, since they can offer both: public cloud and private cloud (as well as any shade in between).