Get started today by installing the Helm chart: https://cloud.ibm.com/kubernetes/helm/iks-charts/ibmcloud-data-shield

Protect data while it is in use by running IBM Cloud Data Shield to encrypt your app’s memory at runtime. You can run IBM Cloud Data Shield on IBM Cloud Kubernetes Service and OpenShift clusters.

Run your app code and data in trusted areas of memory on the worker node, known as CPU-hardened enclaves, to protect the critical aspects of your apps. Enclaves help to keep code and data confidential and prevent modification. If you or your company require data sensitivity because of internal policies, government regulations, or industry compliance requirements, this solution might help you to move to the cloud.

Integrate the service with your DevOps toolchains to seamlessly convert your existing containers into runtime-encrypted counterparts with a single API call. The service extends SGX capabilities from C and C++ to Python and Java and makes the attestation process effortless by distributing attestation reports through certificates that are signed by the Enclave Manager.