Much has been written recently about how willing enterprises are to migrate some of their operations into the cloud. That move to the cloud would proceed much faster if security weren't still an overwhelming worry and consideration.
In the second half of 2013, Forrester Research conducted its usual Forrsights Hardware Survey and found enterprise hardware buyers more than willing to make use of cloud servers, but they were limiting their use because of unresolved concerns over security. In that survey, 73% of IT decision makers were concerned about public cloud security, and 51% were concerned about their own private cloud security.
The cloud now represents not only concentrations of compute power and storage, but also a concentration of security, given the potential for mischief or disaster if those centralized resources fall into the wrong hands. Whether it's a private cloud in the virtualized enterprise datacenter or a public cloud, new levels of "layered" security will need to be built in. Furthermore, such security will need to operate in a highly automated fashion and be driven by well-crafted and relentlessly applied policies, said Eric Chiu, president of HyTrust, in an interview in advance of the RSA Security Conference in San Francisco this week.
Chiu is co-founder of HyTrust, founded in 2009 with the explicit purpose of focusing on the new and rapidly evolving virtual environments. VMware, Citrix Systems, and Cisco Systems, which all had a stake in keeping virtual machines safe, were among its early investors. Intel Capital joined in a third round of financing last August that brought the Mountain View, Calif., firm another $18.5 million. Chiu says its primary focus has moved beyond the hypervisor and VM environment to securing cloud operations, with several initiatives underway to make it an innovator in "layered" cloud security.
[Think virtualized production systems stand little risk of being deleted? Better read about the ill-tempered Jason Cornish affair. Virtualization Security: No One Product Does It All.]
Chiu says he subscribes to a commonly held view that more data in the virtualized cloud must be encrypted when stored, including the VM itself. But the popular references to "2014 as the year of encryption" don't mean the public and private cloud, with more encryption, will be secure. It will take more than that. The cloud must monitor both its low-level users and privileged, empowered operations managers and impose on them secure practices in a way that prevents a single person from copying sensitive data, as Edward Snowden did at the NSA, or maliciously deleting production VMs.
HyTrust made its first acquisition, HighCloud Security, in November for an undisclosed amount, giving it new encryption capabilities. Virtual machines often run a few hours a day when needed, then are shut down by their owners to minimize hourly charges. In their sleeping state, the data they delivered to disk drives or databases is frequently stored with automated encryption. Chiu says the software that includes the VM itself, its copy of an operating system, and the application running inside should also all be encrypted at rest.
"By mid-year, we'll take encryption to the virtual machines themselves" rather than merely encrypting sensitive data sent to storage," he said. HyTrust is currently busy integrating HighCloud's capabilities into its product line.
Another part of enhanced security in the cloud would be protecting the encryption keys used to unlock the VMs and their data. HighCloud offers a means for enterprise IT managers to secure and protect the encryption keys outside the cloud where the VMs are running, setting another barrier to potential attackers.
HyTrust's Appliance already provides policy-driven supervision of system administrators and other cloud infrastructure managers, assigning them a role and privilege level that restricts the kinds of actions they can take. It monitors their actions and tests the activities it sees in cloud software events to make certain the person executing them has the right privilege level. By mid-year, HyTrust will build into that system an ability to impose a "two-man rule," that forbids copying, major changes, or deletions of production VMs by one system admin without the approval of another.
Through its integration with Microsoft's ActiveDirectory, HyTrust Appliance can also authenticate cloud users and assign them proper privilege levels. It monitors all activity that affects host-server hypervisors, inspecting code the hypervisor will run. In the process, its Appliance log file creates an audit trail that leads to the intruder or malicious insider who's attempting to make unauthorized changes. Such a system would have quickly spotted Snowden's copying activity, said Chiu.
There's one other safeguard, propelled in part by Snowden and the revelations about NSA snooping, that will become available as a cloud security feature by mid-year, and that's "geo-fencing" data. Britain, Germany, France, The Netherlands, and other countries have laws governing the privacy of their citizens' data and where it may be stored. In Germany, routine business and other normal data that originates within the country's boundaries must be stored in Germany.
Data-location compliance is made more difficult by the tendency of virtualized environments, as they strive for maximum utilization of resources and lower costs, to move VMs around, putting them on powerful servers during their peak demand and consolidating them with other VMs as traffic winds down.
Soon, Chiu said, it won't be uncommon for a VM to be moved 10 times during the business day, and all of its security policies and access controls must move with it.
HyTrust will have the means to identify data and, through automated policies, ensure that location restrictions are met. In some cases, government agencies or healthcare institutions have policies that data they originate must stay within their own datacenters. The geo-fencing mechanism will make sure they are compliant.
Only when user and administrator supervision, encryption, and attached security measures are fully automated for each cloud workload will the cloud have the necessary layers of protection to make it a secure place.
"That's where we're focused now, automated policies and security for the cloud," he said. As long as key measures remain human based, time and operations-staff limits guarantee that mistakes will be made and breaches will occur. With the acquisition of HighCloud, HyTrust is a company with 75 employees devoted to the issue. And VMware, Cisco and Intel are banking on it to keep the cloud safe.
Engage with Oracle president Mark Hurd, NFL CIO Michelle McKenna-Doyle, General Motors CIO Randy Mott, Box founder Aaron Levie, UPMC CIO Dan Drawbaugh, GE Power CIO Jim Fowler, and other leaders of the Digital Business movement at the InformationWeek Conference and Elite 100 Awards Ceremony, to be held in conjunction with Interop in Las Vegas, March 31 to April 1, 2014. See the full agenda here.Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ... View Full Bio