Landesbank Baden-Württemberg (LBBW) protects data in its cloud environment using encryption technology from IBM. The Unified Key Orchestrator (UKO) is powered by IBM Cloud and enables LBBW to protect data wherever it is, while meeting the high data security requirements set by regulations and directives.
HeyAs is well known, financial institutions are under enormous pressure to modernize in order to enable continuous innovation and continuous improvement in the quality of customer service. On the one hand, the industry has benefited from the digitization drive of recent years, but above all cloud security risks, increased cyber security incidents and a large number of data protection regulations pose new challenges for institutions and financial service providers.
This is also the case at LBBW, which strives to gather growing, deep customer trust and new opportunities through digitalization. As part of the digitalization concept, the bank decided to increasingly use services from public and private clouds in the future in order to take advantage of the cloud’s scalability and innovative advantages. Because with the help of proper orchestration, cost and efficiency benefits can be created.
However, since clouds in particular are increasingly targeted by cybercriminals and data security and confidentiality is a top priority for LBBW, it was necessary to ensure that the high regulatory requirements for data security were met. This also includes BaFin guidelines such as the C5 (Cloud Compliance Criteria Catalogue), the General Data Protection Regulation (GDPR) and European regulations such as DORA.
Security for a multi-cloud future
In order to provide the best possible protection for data in the cloud, LBBW chose IBM Unified Key Orchestrator, a multi-cloud encryption technology offered as a managed service. With this approach, the cloud user retains full control over the data and even the cloud provider or hyperscale operator cannot access it. Therefore, a viable way to prevent gateways as part of a multi-cloud strategy.
IBM UKO offers LBBW several advantages here because the service was developed for today’s hybrid cloud environments and can therefore be used across multiple clouds or data storage. So it doesn’t matter if the data is in your own cloud or a third-party cloud or in an on-premises environment. Investments in additional hardware and software are not necessary because it is a Software-as-a-Service (Saas) solution. The effort required to create, back up and manage keys remains manageable and allows the IT team to protect critical company data using such keys. Above all, the company can use the encryption technology for other cloud projects – also as part of a multi-cloud environment with solutions from different manufacturers.
stands for us the trust of our customers is always the focus of our actions. This means that we have to take data protection and data security issues very seriously. Thanks to IBM encryption technology and collaboration with IBM teams, we can continue to combine digital innovations in the cloud with the highest level of security for our customers’ data.“
Christine Vorspel, CIO of LBBW
LBBW and IBM worked closely together to develop the solution. The idea for the use of technology at LBBW and the technical design was developed as part of the IBM Garage concept, an agile method of finding solutions, in close cooperation between experts, consultants and the bank.
Protecting critical data across multiple platforms can be incredibly complex. We give our customers a single point of control so they always know who has access to their data.“
Andreas Wodtke, vice president and banking leader of IBM DACH;
Trust and freedom of choice should be just as important as the safe path to a multi-cloud world, which creates space for digital innovation and customer trust. This is especially true in regulated industries like banking, Wodtke explains. partially