IBM Begins Cloud Confidentiality Push

IBM has positioned its cloud offering against the unique security, compliance and confidentiality needs of specific vertical markets with a sharp focus on finance and banking. These same benefits could also appeal to health care, big pharma, government and military opportunities. The critical difference in their approach is that they trade off ease of use and aggressive pricing against security and compliance benefits critical to all of these markets.  

One element that showcases their difference is how they approach assurance. There is an inherent or contractual promise with most cloud providers that they won’t access the customer’s data. This level of assurance is called operational assurance, and it can be effectively voided by request from a government to provide the data. IBM provides technical assurance, and this removes the cloud provider’s ability — in this case, IBM — to access the data so that, even if ordered, IBM won’t provide it, because they can’t. IBM does not hold the description or access rights,  only the customer does.  

See more: How Intel, IBM, And Microsoft Could Change The Cloud Forever

IBM gets creative with advocacy

While this is interesting, just as interesting is how they presented their case, because when talking about assurance, the vendor is a poor choice. After all, they are biased. But individual customers lack the breadth needed to provide reliable advocacy: Any vendor can make one or two engagements work or look like they work, but, if the solution doesn’t scale, it will still fail at volume. The vendor can also co-fund the effort ensuring its success.  

I first ran into this in the 1990s when a vendor had a demo day, where they tried to showcase that their servers could replace mainframes. They had a large tire company as their proof case, and I had an interesting chat with the CIO. He said the servers were working great, and they did replace the mainframe. But had he paid for the deployment, he could have bought five mainframes for the cost of the server alternative. And, by the way, he couldn’t talk, because a bunch of those servers were down, and the CEO wanted his head. Not exactly a great testimonial.  

IBM did something savvy. Instead of using end customers, they used system integrators (SIs). IBM presented their approach to the cloud in a powerful way. They had several third-party SIs that service mostly banks, ranging from large to small, and have adopted the IBM Cloud speak to its advantages. These SIs were Hex Trust, Talium and Mainstream Managed security.  

The reason SIs are more powerful is that even one of them would be wicked expensive to fund, because you’d have to co-fund all of their deployments, making the effort far too expensive. In addition, these companies aren’t deploying this technology in their shop, but in their customers’ shops. And if it fails, the company will likely fail and gain a reputation not to be trusted.  

This dynamic makes SIs incredibly credible, because their loyalty to their revenue stream will exceed anything a vendor could likely pay them. Put differently, they won’t sacrifice their survival for a few extra vendor dollars and are more than happy to share any problems that adversely impact that revenue stream.

These SIs pointed out that banking was moving very slowly into the cloud because of regulatory and compliance issues, making a cloud service focused almost exclusively on compliance and assurance differentiating features attractive to their customers. One even highlighted that they tried to get access to a customer’s data to fix a problem and weren’t able to, validating that only customers can access their data. Access is blocked for both IBM and anyone else lacking proper credentials.

See more: Dell APEX: Our Path Back To The Old IBM Service Model

Wrapping up

IBM has a uniquely powerful Cloud offering if you are in an industry that requires a high level of assurance, compliance, and confidentiality. Using SIs, IBM was better able to showcase how their solution benefited the end customers who were using it. IBM gave SIs the solution they needed to address the needs of their banking customers, regardless of size.  

When listening to a vendor pitch an enterprise offering, it is pretty hard, even with customer advocates, to tell if they are over-promising and likely to under-deliver. But suppose they use SIs instead of customers like IBM did. In that case, their relative credibility jumps up, because SIs, at least large ones like IBM used, are far more credible than end customers, because their business depends on products such as IBM Cloud and their credibility. Thus, using SIs is not only a best practice for pitching a product with high credibility, but it is a best practice for investing in technology — because the information is more likely to be true.  

See more: NVIDIA’s New Grace ARM/GPU Solution Puts X86 On Defense