Thanks Dell.

Securing the cloud is a big undertaking, but one has to start somewhere. We at AFORE are used to building products on a solid foundation, so we took a similar approach to Cloud security. We have built a Cloud Trusted Multitenacy platform out of a few foundational blocks:

Connect
Embracing the cloud starts with building an on-ramp to the cloud. Just vanilla VPN does not do it for customers with mission-critical workloads. Tools such as ‘ping’ and ‘traceroute’ that most IT folks use to gauge the operation of their connection are so last century. We think Cloud IaaS customers deserve better. Things like carrier-grade performance monitoring tools that give them precise historical throughput, latency and packet loss data. Or fault management capabilities that allow isolating network failure down to a specific vSwitch port.

Encrypt
It’s not enough to give custodians of sensitive data a policy-based protection. Only strong cryptographic protection, for data in motion and at rest, gives them the desired peace of mind. Not to mention that it goes a long way towards passing a security audit.

Observe
Some threats and attacks the existing technology cannot protect against. We thought it would be useful to combine protection with detection by installing a remotely controlled “security camera” inside the Cloud-based virtual datacenre and reporting the offending behavior by co-tenants, intruders and administrators.

Control
Being able to add, modify or delete workloads at will, assign enterprise IP addresses, withdraw encryption keys to render data under attack instantly unusable… In other words, to maintain the complete ownership of their assets in the cloud – this is what puts customers in control.

Manage
Nothing is as crucial for successful deployment to the cloud as the ease and robustness of management tools. Role-based authentication, ability to use the browser, compliance with data logging standards – all this makes difficult life of an enterprise IT manager easier and contributes to the success of cloud deployments.

This new CloudLink blog will deal with issues related to enabling Trusted Multitenancy in the Cloud. This subject is related to several key disciplines that we pride ourselves being experts in: networking, security and virtualization. This is what we look forward to discussing with you. That and occasional fun topics, like keeping those college kids in check ☺

image from sitetrail.com

There is an evolution in the young Cloud Service Provider market taking shape.  With high cost savings, immediate access to increased capacity and lower operational expense, the Cloud Service Provider is an attractive partner for government and enterprises.  But mass deployment to the cloud is restricted by the lack of security and compliance.

With more and more concerns being expressed and more security compliance requirements being imposed on Cloud deployments, Cloud Service Providers need to move to proving that there is trust in their Cloud Service offering.

Cloud providers that invest in network encryption, storage encryption for data at rest, IT management best practices, SLA for both performance and security policy and compliance with industry security standards to build the trusted cloud, will be the premium class of providers.  These Trusted Cloud Providers will be able to capture the most lucrative of the enterprise and government markets.

With the $100+B market (depending on which analyst you agree with) Cloud Service market emerging and with standards such as the US Federal Risk and Authorization Management Program (FedRAMP), the Trusted Cloud providers will rise above the commoditization of Cloud services and be the winners in this market.