It takes a platform to achieve Cloud Security
They say that for an IT guy (or gal) to put an enterprise workload in the cloud is like sending a kid to college – paying money for something you have very little control of. But this is where the analogy ends – unlike grown up kids, IT assets can be and shall be protected and controlled by their custodians.
Securing the cloud is a big undertaking, but one has to start somewhere. We at AFORE are used to building products on a solid foundation, so we took a similar approach to Cloud security. We have built a Cloud Trusted Multitenacy platform out of a few foundational blocks:
Connect
Embracing the cloud starts with building an on-ramp to the cloud. Just vanilla VPN does not do it for customers with mission-critical workloads. Tools such as ‘ping’ and ‘traceroute’ that most IT folks use to gauge the operation of their connection are so last century. We think Cloud IaaS customers deserve better. Things like carrier-grade performance monitoring tools that give them precise historical throughput, latency and packet loss data. Or fault management capabilities that allow isolating network failure down to a specific vSwitch port.
Encrypt
It’s not enough to give custodians of sensitive data a policy-based protection. Only strong cryptographic protection, for data in motion and at rest, gives them the desired peace of mind. Not to mention that it goes a long way towards passing a security audit.
Observe
Some threats and attacks the existing technology cannot protect against. We thought it would be useful to combine protection with detection by installing a remotely controlled “security camera” inside the Cloud-based virtual datacenre and reporting the offending behavior by co-tenants, intruders and administrators.
Control
Being able to add, modify or delete workloads at will, assign enterprise IP addresses, withdraw encryption keys to render data under attack instantly unusable… In other words, to maintain the complete ownership of their assets in the cloud – this is what puts customers in control.
Manage
Nothing is as crucial for successful deployment to the cloud as the ease and robustness of management tools. Role-based authentication, ability to use the browser, compliance with data logging standards – all this makes difficult life of an enterprise IT manager easier and contributes to the success of cloud deployments.
This new CloudLink blog will deal with issues related to enabling Trusted Multitenancy in the Cloud. This subject is related to several key disciplines that we pride ourselves being experts in: networking, security and virtualization. This is what we look forward to discussing with you. That and occasional fun topics, like keeping those college kids in check ☺