Advanced Computing in the Age of AI | Friday, May 7, 2021

Hybrid Cloud Shift Fuels Automated Security 

Cloud infrastructure providers are increasingly looking for ways to automate cloud security as more customers migrate to hybrid cloud configurations in which enterprises maintain an on-premise infrastructure for sensitive data and intellectual property.

Hence, the market for companies offering automated security services like encryption and key management is booming as more IT vendors focus on buttoning up security on virtual product offerings.

Another example emerged this week with an agreement by VMware to expand its partnership with cloud security automation specialist HyTrust Inc. based in Mountain View, Calif. The partners said Tuesday (April 21) that VMware would offer HyTrust's DataControl encryption and key management software on its vCloud Air hybrid cloud platform.

The intent is to help VMware customers secure data across virtual workloads running on private and hybrid clouds. Users would also retain ownership of encryption keys in order to implement their key management policies.

The encryption and key management software is designed to secure data on virtual machines from deployment through archival storage and decommissioning. With more enterprises shifting to hybrid cloud infrastructure, the software is designed so enterprises retain control over encryption keys whether they are operating in private or public clouds, HyTrust said.

The security software vendor also pitches its DataControl approach as a way to meet regulatory requirements for data security. Among these features is the ability to encrypt or re-key data without taking applications or servers offline. That, HyTrust noted, allows users to meet stricter data security compliance requirements such as FedRAMP (Federal Risk and Authorization Program) and federal rules on handling health care data under HIPAA, the federal Health Insurance Portability and Accountability Act.

HyTrust's security approach also reflects the steady shift to virtualization in datacenters. Earlier approaches like whole disk encryption leave data unprotected whenever it is read from disk. The security specialist said DataControl is geared to virtualized, multi-tenant infrastructures while automating data encryption as virtual machines are copied and moved.

VMware stressed that the partnership would allow vCloud Air customers to manage their data encryption lifecycle under a single policy across the virtual cloud platform and existing datacenters.

The partners said HyTrust's DataControl software would be available on vCloud Air beginning in June 2015.

VMware is among a list of "strategic investors" in HyTrust that also includes Cisco Systems, Intel, Fortinet and CIA technology incubator In-Q-Tel.

The VMware-HyTrust partnership was among a batch of hybrid cloud security announcements coming out of this week's RSA security conference in San Francisco. For example, Centrify Corp., an identity management specialist for cloud, mobile and datacenter security announced a cloud-based "privileged identity service." The service is designed to protect critical data, applications and network devices from data breaches.

The new service works by managing shared account passwords to servers, network devices and infrastructure-as-a-service, Centrify said.

Elsewhere, IBM announced this week it is working with software security vendor Citigal Inc. to incorporate an application security testing service into IBM's Application Security Management offering. The goal is to incorporate security into application development at scale, the partners said.

These and other security products underscore the growing market for automated security features as enterprises shift to hybrid clouds.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).

Add a Comment