Virtualisation solves cloud security issues

CIO.

In a keynote address at the RSA Security Conference here, Coviello struck an optimistic tone on cloud security issues. While he acknowledged some of the concerns enterprises might have about moving data and applications to the cloud, he said that approaches to addressing any issues are closer than many think.

"Trust in the cloud is achievable today," Coviello said, adding that the key is to stop depending on security controls designed for physical infrastructures. Instead, companies need to be thinking about leveraging virtualisation technologies to enable the enhanced security, visibility and control they want in cloud environments.

According to Secure Computing he said the proof comes when by leveraging virtualisation technology, we demonstrate better control and visibility the key elements of trust in cloud environments.

“Virtualisation is the silver lining in the cloud. If leveraged properly virtualisation can also be the pathway of surpassing the level of control and visibility that physical IT offers.”

Detailing his premise, Coviello said in virtualised environments boundaries were "logical" and information centric rather than "physical"; in clouds security must be built-in and automated and thirdly, security becomes risk based and adaptive in the cloud.

“It may seem counter-intuitive to use the technology enabling the cloud, virtualisation, to secure the cloud. But we can,” he said.

eWeek says the conference included a new session track about cloud computing, and the topic was the subject of the keynote by Art Coviello, executive vice-president at EMC and executive chairman of the company's RSA security division. Virtualisation and cloud computing have the power to change the evolution of security dramatically in the years to come, he said

“At this point, the IT industry believes in the potential of virtualisation and cloud computing," he said. "IT organisations are transforming their infrastructures. But in any of these transformations, the goal is always the same for security-getting the right information to the right people over a trusted infrastructure in a system that can be governed and managed."

EMC's RSA security division kicked the week off by announcing the Cloud Trust Authority, a set of cloud-based services meant to facilitate secure and compliant relationships between organisations and cloud service providers by enabling visibility and control over identities and information.