At a time when cloud services continue to grow exponentially, the need for a good cloud security solution is of utmost importance. The frequency of data breaches is largely due to the lack of a robust mitigation strategy as part of adopting cloud infrastructure. The cloud security automation company HyTrust, in conjunction with Intel, announced on Aug. 26th, 2014 the brand new release of boundary controls that enhance security in virtualized and cloud environments.
What differentiates the boundary controls and makes them unique is the ability to restrict virtual machines to physical locations. Furthermore, the HyTrust solution can provide policy-based encryption of data in the cloud, which ensures that decryption only happens in authorized locations as well.
“The initial premise came from customers that were looking to embrace and expand their use of virtualization and cloud; however, needed greater control and security over their data,” said President and Co-founder of HyTrust Eric Chiu. “The demand has increased given that organizations are looking to virtualize their crown jewels (intellectual property, customer data, top secret information) that need the highest assurance that they are only running in authorized locations. In addition, European country regulations have increased the need given that European organizations want to embrace cloud, but need to ensure that data does not leave country borders.”
How is HyTrust Boundary Controls built? It is built upon Intel’s asset tagging and attestation services, with root of trust supported by Intel Trusted Execution Technology (Intel TXT). This hardware-based technology is used to establish trust in the server hardware, BIOS, and hypervisor. In other words, it will allow sensitive workloads to run on a trusted platform, according to the press release.
Elsewhere, the primary factors driving the need for boundary controls in the cloud were the following:
- Geographical mandates
- Availability and uptime
Once cloud deployments reach different parts of the globe, they blur the lines of business, and there is an obligation to respect privacy or data sovereignty laws. You can therefore address these complex operations and allocate as best fits the organization’s needs.
Thanks to the zoning within the Boundary Controls solution, companies will be able to create secure zones and enclaves within consolidated infrastructure, according to the solution brief.
Datacenter downtime is one of the nightmares for any business, enterprise, or organization. So another neat feature addresses the significant human error behind downtime: a virtual machine can be suspended or deleted with a click of a mouse. This will increase and maximize availability of services.
“Cloud enables great agility, efficiency and cost savings; however, it concentrates risk and enables any administrator (or someone who steals their credentials) to copy, move and delete any virtual machine -- this is a huge problem for most organizations with sensitive information since it can be moved anywhere (stolen and sold to a competitor or foreign government; regulated data running in an unregulated environment, or moved to the public cloud without authorization). HyTrust can ensure that data stays where it needs to be while allowing organizations to embrace virtualization and cloud,” concluded HyTrust co-founder Chiu.