Tuesday, March 2, 2010

RSA -- Cloud Computing to Turn the Way Security Is Delivered Inside Out

"Something is holding back the full realization of this cloud vision. And that - in a word - is security," stated Art Coviello, President of RSA, The Security Division of EMC, in a keynote address at the RSA Conference in San Francisco . "With 51% of CIOs* citing security as their greatest concern surrounding cloud computing, security has not kept pace with the evolution to the cloud reflected in today's increasingly virtualized and hyper-extended enterprises. We have severely diminished vision as a result and it shows. In short, people everywhere must be able to trust the cloud even if they literally and metaphorically can't see it."

Coviello outlined what RSA sees as the four, well-defined stages on the journey to the private cloud:

1. Initial adoption of virtualization to consolidate non-mission critical infrastructure, like test and development systems as well as low risk applications. It compels the enterprise to become adept with the tools of virtualization and to begin the process of "hardening" the virtual infrastructure.

2. Virtualize critical business applications and ensure the organization maintains the same level of visibility to the state of compliance in the virtual environment to the physical infrastructure.

3. Develop internal clouds and operate their information infrastructure as a utility consisting of a fully virtualized and automated data center where application workloads are policy- and service-level driven.

4. Outsource infrastructure to external service providers. This phase requires careful selection of service providers based on their demonstrated ability to "enforce policy, prove compliance and manage multi-tenancy."http://www.rsa.com

See also