An IBM global survey of more than 500 IT managers revealed that 77% of businesses think that adopting cloud computing requires privacy trade-offs, 50% worry that clouds lead to data breaches, and 23% fear that cloud computing will weaken corporate security.
To address these concerns, IBM has announced new strategy roadmaps and security assessments, and new hosted services for security event and log management and vulnerability management.
IBM highlighted that it has several cloud security research projects under way, such as its Integrated Trusted Virtual Data Center project to harden infrastructure by isolating more of its components.
Underlying security mechanisms can verify the integrity and correct configuration of infrastructure components, such as hypervisors, to help prevent low-level attacks such as spoofing or deceiving computer systems or other computer users by hiding or imitating one's internet identity, the company said.
Some of those capabilities have been added to the IBM Smart Business Test and Development cloud, as well as to IBM Systems Director VMControl.
IBM said it has added "introspection monitoring" to its IBM Virtual Protection System to detect potential malware attacks from outside the virtual machine.
This extends the approach to virtualization security of most other current introspection systems, IBM said.
The enhanced system can detect the presence of malicious code or exploits aimed at fooling the virtualized operating systems into granting inappropriate access rights, the firm said.
"IBM understands the 'one size fits all' cloud security strategy will not work for most businesses," said Steve Robinson, general manager, IBM Security Solutions.
"Our enterprise clients are looking for a trusted advisor to provide the right mix of security consulting services and offerings to match. By offering these new services and innovations, we aim to help clients create tailored solutions that will allow them to get the most out of their cloud environments," he said.
This story was first published by Computer Weekly