PORTLAND, Ore.— SafeNet Inc.—an information technology security provider based in Belcamp, Md.—recently adapted its encryption, authentication and virtualization security suites to run on cloud computers, with Amazon Elastic Compute Cloud (Amazon EC2) the first to sign up.
"SafeNet has been working to provide security as a shared responsibility between the cloud provider and customers," said Dean Ocampo, Solutions Strategy Director at SafeNet. "Now users of Amazon Elastic Compute Cloud can safeguard their data as well as control user access with just as much security as they had with their in-house servers."
Cloud computers can cut costs over in-house servers by allowing users to rent virtual machines and storage. Unfortunately, sharing resources also opens business to extra security risks since resources are shared with other customers—perhaps even your competitors. To remedy
SafeNet's cloud security fabric includes ProtectV encryption for virtual machines and storage as well as authentication services for virtualized applications and transactions. SafeNet's Trusted Cloud Fabric supports both VMware and Xen hypervisors. The company also provides hardware security modules to safeguard security keys within virtualized and cloud environments. Users can also take advantage of fast hardware encyrption engines for securing Ethernet links both to the clouds and on-site.
SafeNet's trusted cloud security fabric uses ProtectV encryption to secure virtual machines and storage plus supports VMware and Xen hypervisors.
I think some hardware binding as far the client communications are concerned will somewhat reduce the risk of getting it all mixed up. Some hard coding of the allowed IP addresses for a given client in the cloud services will create such barriers which cannot be easily hacked.
It is not so easy to replicate physical isolation using software, which makes security in cloud computing a strategy of risks vs economy trade off. Any way you look at it, it is a hassle to ensure data security and confidentiality when there are multiple clients with similar kind of businesses opting for cloud resources.
Some kind of managed hardware solution could be the key to make it more secure.
Pretty much anytime some third party is setting up shared resources there is the possibility of getting it messed up as Rich points out. A temporary "walled garden" while being used would probably be of some help, but then there always seems to be a glitch or hack that gets around that.
Join our online Radio Show on Friday 11th July starting at 2:00pm Eastern, when EETimes editor of all things fun and interesting, Max Maxfield, and embedded systems expert, Jack Ganssle, will debate as to just what is, and is not, and embedded system.