In an effort to address one of customers’ most persistent worries  about using public cloud infrastructure, IBM has teamed up with AT&T Corp. to provide private connections to its Softlayer data centers.

The partnership will give organizations the option of linking up their environments to IBM’s public cloud through AT&T’s NetBond service, thereby matching IaaS kingpin Amazon.com Inc. and other providers such as Microsoft Corp., which also offer direct connectivity. Dedicated lines have become a must-have among corporate consumers of cloud services for their reliability and inherent security.

NetBond has the added benefit of being integrated with AT&T’s virtual private network software, meaning that admins can treat a public cloud deployment as if it were just another internal destination, which takes much of the hassle out of the hybrid cloud model. The addition of dedicated links builds on the recent introduction of hardware-based policy enforcement technology to SoftLayer instances to ensure that sensitive information stored on its cloud doesn’t accidentally find its way to a facility in a foreign country where its legal status may be compromised.

That functionality is especially useful for organizations in regulated industries such as the financial services sector. As computing environments become more distributed, the need for banks to keep sensitive details in their home jurisdictions creates tremendous challenges.

While Big Blue is trying to help customers ensure that everything is where it’s supposed to be, CDN operator CloudFlare Inc. is tackling a different part of the problem with a new technology called Keyless SSL that eliminates the need for users to relinquish control of security data.

In order to establish a secure connection, a server must exchange cryptographic tokens known as keys with the requesting browser. Tight regulations mean that financial institutions can’t trust a third party with that information, which effectively rules out the use of content delivery networks such as CloudFlare. That leaves banks to fend for themselves against distributed-denial-of-service attacks wherein large numbers of requests are sent to a website with the goal of overwhelming the underlying infrastructure and causing a shutdown.

Keyless SSL provides a workaround through the use of intermediary servers that request keys stored on a bank’s internal infrastructure and route the data to web users, thereby avoiding the need to move tokens outside the safety of the firewall. The technology opens up CloudFlare’s platform to a market that has been entirely shut out of the benefits of the public cloud until now, paving the way for accelerated growth as the rapid evolution of the threat landscape drives organizations to seek outside help with their security needs.

photo credit: opensourceway via photopin cc