InformationWeek - Cloud Computing - ‘Cloud computing erases many traditional physical boundaries that help protect an organization’s data assets’

Welcome Guest | |

Home
Global CIO 2010
Case Studies
Special Features
Interviews
Top News
Section
Vertical
- BFSI
- IT/ITES
- Government
- FMCG
- Telecom
- Manufacturing
- Pharma
- Services
Special Property
Editor Zone
Analytics & Reports
International News

| | | | | | | | | | |

Cloud Computing

‘Cloud computing erases many traditional physical boundaries that help protect an organization’s data assets’
Thomas Heiser, COO, RSA, on how cloud security issues revolve more around process and policies—than technology By Harshal Kallyanpur, InformationWeek, June 02, 2010

How does the premise of regulations and compliance change with cloud computing?
As companies move their IT infrastructure to the cloud, they effectively relinquish some control over their information infrastructure and processes, even while they are required to bear greater responsibility for data confidentiality and compliance. This shift has wide-ranging implications for a broad set of corporate stakeholders, especially leaders who are responsible for information.

Cloud environments pose some new challenges to ensure regulatory compliance since the cloud's lack of physical borders makes it difficult to comply with jurisdiction-specific privacy legislation. Many of the technologies, services, methodologies and much of the know-how needed to secure data and user identities in the cloud already exist in the enterprise and need to be strategically extended into the cloud.

How can some of these challenges be tackled leveraging the cloud environment itself?
One of the significant advantages of cloud computing is that the virtualization layer provides unprecedented visibility into just about every activity involved in providing application services.

In the cloud, security protocols can be built into the virtualization layer—not just imposed at the application level where they are typically enforced. By embedding security policies deeper in the technology stack and diffusing them throughout the virtual infrastructure of the cloud, enterprises can establish stronger, smarter security to protect their users and data.

Today the hardware and virtualization layers which were formerly a ‘black box’ within the cloud can now be inspected, analyzed and reported for compliance just as the cloud’s top-most application services layer. With this previously unimagined level of visibility, cloud providers can now develop infrastructure-level policy controls and end-to-end security attestations to handle the most demanding security requirements.

What are vendors such as RSA doing to encourage an ecosystem conducive to the adoption of cloud computing?
We have been working very closely with cloud service and solution providers and have designed solutions to work with the environment ground up. We also have strategic relationships with partners such as VMware, Cisco, Microsoft and EMC, and are already delivering cloud-ready security solutions along with these companies.

blog comments powered by Disqus

About Author

Harshal Kallyanpur

Add description here