More security in the cloud

Security concerns, 49 per cent of IT managers from large companies and 51 per cent of small and medium-sized enterprises believe that they do not use cloud computing services. According to a study conducted by Forrester Research, 2200 IT managers in North America and Western Europe were interviewed.


From theory to practice


The view in practice shows that the concerns are justified. Cloud providers rely on virtualization. However, this is accompanied by new safety risks. This allows virtual machines (VMs) to be easily copied, and the now more extensive rights of the administrators are no longer sufficient for efficient control mechanisms.


Data security in the NAS


This significantly increases the data misuse risk. If you want to be safe, security measures should also be implemented directly within the virtual instances for reasons of liability. Companies can not always rely on the cloud provider to provide the necessary security.


Appropriate security solutions ensure control over data and compliance with governance policies within the cloud. Above all, encryption software makes virtual machines and storage volumes almost as secure as physical servers and storage in stable, secure business environments. This protection is not only available in the cloud: sensitive data can also be protected against misuse in the own data center.


In this way, business-critical applications can be migrated to virtual and cloud environments while ensuring adherence to compliance policies, data governance, and the control of sensitive information. It has proven to be useful to centralize the encryption management of virtual machines. This allows you to specify user roles, encryption policies, and access rights for VM.


Complete VM encryption in conjunction with pre-boot authentication and hardware-based certificate management provides comprehensive VM security and data isolation. The result is uniform security guidelines throughout the company and the protection of sensitive data in virtual environments. As far as administration is concerned, it is recommended to use a cross-platform key management.


Data storage on network-attached storage systems (NAS) is also a risk that confidential data will get into the wrong hands. Therefore, companies should set access rights on a granular basis and encrypt confidential information. It is important that the encryption does not reduce the data throughput. Therefore, such a solution should encrypt the data granularly at multiple Gbps speeds.


The granularity also allows companies to isolate data usage in the NAS, and storage administrators can easily work without having access to highly-sensitive data in the plaintext. If necessary, such a solution also provides for an emergency: compromised data is rendered useless.