Virtualisation and cloud computing are helping companies overcome geographical barriers and establish flexible IT infrastructures without incurring excessive costs. However, as this new wave of IT grows exponentially, so too do concerns over data security and regulations. Step up HyTrust, which hopes to have solved the internal data theft issues and regulation requirements associated with use of the cloud.
While plenty has been done to shield companies against external cyber attacks, internal threats from disgruntled employees or hackers that have gained access to a company's IT administration remain major concerns.
These problems are then compounded with the mobility and greater freedom of access that cloud computing enables.
Eric Chiu, president of cloud security specialist HyTrust, told V3 that internal data security risks are inevitable and companies need to focus on ways to mitigate those risks. "It is naïve and antiquated to think about keeping the bad guys out – you need to assume that they are in and consider what you are going to do about that threat," he said.
Data regulations also act as a barrier to virtualisation and cloud adoption, as laws and restrictions governing data use and access vary across countries.
For example, Germany does not allow any of its data to be hosted beyond its geographical boundaries, while China can demand access to any information stored in data centres on its mainland.
Businesses wanting to adopt cloud computing therefore either have to gamble with the security and regulation threats to their data or opt out of the cloud altogether.
Chiu said the benefits of agility and efficiency that attract companies to the cloud go hand-in-hand with risks to data control and sovereignty. "The inherent portability that enables virtualisation means companies lose control of how their data can be run and where it can go. Risk becomes concentrated," explained Chiu.
With this in mind, HyTrust hopes to have found a silver bullet to internal data theft and regulation stumbling blocks.
The company has partnered with Intel to create Boundary Controls, which gives organisations running cloud and virtualisation IT models the ability to set a series of policies, rules and controls which govern access to data and restrict where it can be stored.
HyTrust achieves this by using Intel's Trusted Execution Technology (TXT) at the core of Boundary Controls. Intel TXT only allows data and virtualised environments to be used on trusted server hardware. This prevents files, documents or private applications from being copied over to other hardware through malicious or accidental activity, thereby preventing the loss of sensitive data.
As Intel TXT is hardware based, it avoids the vulnerability of software security to hacker attacks. Boundary Controls builds upon Intel's technology by enabling TXT technology to support cloud infrastructures.
Essentially, this curtails the risk of internal security breaches within a cloud-powered virtualised environment, without requiring a sacrifice in the mobility or flexibility cloud computing enables.
HyTrust has also given Boundary Controls users the functionality to define and restrict how and where data is stored in data centres.
In effect, polices can be put in place to ensure that data restricted by a nation's law remains within the boundaries of that country. This prevents mishaps or deliberate moves to transfer restricted data to another location beyond the host country's borders, Chiu explained.
For companies working in highly regulated industries and handling private data, such as credit card details and medical records, the ability to create automated policies to stop data leaving a certain jurisdiction could potentially be very valuable and save a business from hefty fines or even potential ruin.
By using Intel's technology at its core, Boundary Controls policies also help companies get the most out of their cloud systems. Boundary Controls can restrict certain virtualised environments to only run on specific hardware configurations, meaning important applications cannot be shifted onto less than optimal hardware.
While Chiu says that virtualisation security risks still remain as there are "so many different attack vectors to consider", HyTrust's Boundary Controls could go some way to mitigate these inherent problems.
With cloud computing still in its early days, any move to alleviate security and data angst is a positive step towards fully realising the potential it promises.
For more information on the cloud, visit the Intel IT Center.
Dubbed Barnard's star B, newly discovered planet is believed to be rocky
Also, what's a USB stick?
Gravitational waves become extremely weak by the time they reach the Earth and require highly sensitive equipment for detection
The reactor topped out at 100 million° C