From the Founder & VP Products at CloudSwitch

Ellen Rubin

Subscribe to Ellen Rubin: eMailAlertsEmail Alerts
Get Ellen Rubin via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Cloud Computing, PC Security Journal, Cloudonomics Journal, Enterprise IT: Moving CapEx to OpEx , Security Journal, CIO/CTO Update, Telecom Innovation, CloudSwitch on Ulitzer, Private Cloud

Private Cloud: Blog Feed Post

True Isolation Makes the Public Cloud Work Like a Private Cloud

How can you incorporate a multi-tenant public cloud in your IT computing strategy without taking a big risk?

Security is always mentioned as a key factor limiting cloud adoption, but what does “security” really mean in the cloud? To understand the potential risks of cloud computing—and how to address them—we need to be more specific. Once we’ve accurately defined the problems, we can address them with the right technology and processes.

When you get into specifics with CSOs and risk managers, security concerns in the cloud can essentially be boiled down to two main issues:

  • It’s a shared environment: In a multi-tenant public cloud, you’re sharing resources—servers, cloud networks, and storage—with other companies (possibly even a competitor). Obviously you don’t want them to get access to your data and applications. In this shared environment, data needs to be encrypted, which means you have to develop and deploy an encryption solution that can span the data center and cloud services, and run across a range of operating systems and applications — something that many IT managers and CSOs find outside their comfort zone.
  • It’s outside enterprise control: You have to depend on the cloud provider’s security measures, policies, and assurances that your data will not fall into the wrong hands. This can be a non-starter especially given that some aspects of cloud environments are opaque. Loss of control also has another aspect: the cloud provider can make changes to their environment (kernels, storage, software, etc.) that could disrupt the trusted security processes and models that you already have in place.

These are the potential risks that enterprises are anxious to avoid. Therefore they make compromises that allow them to gain at least some cloud capabilities, while maintaining an acceptable level of security. They may choose to partner with a managed service provider to build and manage a dedicated environment for their applications. Or they may pull back completely and build an internal cloud, with applications sharing a pool of resources inside the corporate firewall. But these private cloud models only hint at the agility, efficiency, and on-demand performance available within a public cloud.

Isolation in the Cloud

So how can you incorporate a multi-tenant public cloud in your IT computing strategy without taking a big risk? For an application to run safely in a public cloud, it needs to be isolated from the environment around it at all times. This isolation is not just a matter of keeping things in (protecting data and applications from threats or prying eyes), but also keeping things out (unwanted changes by the cloud provider that could compromise your existing security processes). With our Cloud Isolation Technology, CloudSwitch provides the two-way protection that makes the cloud safe for enterprise use.

How does this isolation layer work? CloudSwitch software automatically builds a secure envelope that extends from the data center to a target cloud that encompasses your entire cloud deployment. Within this envelope, applications and data are encrypted end to end, from inside the corporate firewall, across the Internet, and within the cloud environment—in storage (at rest), during processing, and in transit through the cloud network. Encryption keys are stored within the enterprise data center and are securely transmitted to the cloud only when they are needed and are completely contained within the isolation layer. Control of encryption keys, and thus, control of the data, stays with the customer at all times. Cloud providers have no access to enterprise data at any point—and neither does anyone else.

Inside the secure envelope, the isolation layer maps cloud resources (processors, memory, storage, etc.) to match the execution requirements of the original server. Using this approach, servers and applications run in a cloud “as is” without requiring modification or redesign, and without having to worry about the cloud provider’s configuration or changes to their environment. Further, since all data entering the cloud provider’s environment is encrypted with customer-controlled keys, the data is isolated from processes and changes implemented by the cloud provider. The cloud becomes an integral part of the enterprise IT environment, while the cloud provider sees only an encrypted connection running into one of its servers, and encrypted data flowing to the storage devices.

Agility + Security: Taking Control in the Cloud

Using CloudSwitch technology, the same level of privacy and control that you would expect in a dedicated environment now becomes available in a multi-tenant public cloud. Companies can take full advantage of cloud elasticity and cost savings without being exposed to the inherent risks. True isolation lets you have your cake and eat it too—reaping the benefits of cloud computing (agility and reduced cost) while maintaining enterprise security and control.

Read the original blog entry...

More Stories By Ellen Rubin

Ellen Rubin is the CEO and co-founder of ClearSky Data, an enterprise storage company that recently raised $27 million in a Series B investment round. She is an experienced entrepreneur with a record in leading strategy, market positioning and go-to- market efforts for fast-growing companies. Most recently, she was co-founder of CloudSwitch, a cloud enablement software company, acquired by Verizon in 2011. Prior to founding CloudSwitch, Ellen was the vice president of marketing at Netezza, where as a member of the early management team, she helped grow the company to more than $130 million in revenues and a successful IPO in 2007. Ellen holds an MBA from Harvard Business School and an undergraduate degree magna cum laude from Harvard University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.