IDN speaks with HighCloud CTO and co-founder Steve Pate.
HighCloud Security 2.0 aims to reduce attack vectors, de-mystify encryption for IT admins moving to clouds, and remove cloud-driven concerns over data privacy and compliance, according to HighCloud CTO and co-founder Steve Pate.
"As organizations seek to take advantage of the elasticity and IT cost savings of the cloud, data security is often the gating factor," Pate
"Would you put your family jewels in a safe and give someone else the key for it?"
CTO and co-founder
Moreover, virtualization architectures introduce a whole new [set of] security and compliance challenges, he
When data is distributed across virtual and physical environments, backups and snapshots can leave sensitive data highly vulnerable.
"The fact that data leaves the building and is in the hands of others [thanks to clouds] makes most IT managers very nervous," Pate
You never have to worry about your data sitting on backup tapes in geographies that would concern you," Pate
Further, IT can safely decommission the data from the cloud with only a few mouse clicks, he
HighCloud Security works with all public IaaS cloud environments and all cloud frameworks (OpenStack, CloudStack, etc.), Pate said.
two key products, and how they secure virtual environments.
Virtual Machine Vault (VMV) solution was designed to allow organizations to protect the whole VM including snapshot and suspend files.
We provide for encryption of all parts of the VM and provide encrypted backup images," Pate
Data Security Module (DSM) provides encryption within the VM to provide a full encrypted path - all the way from the VM, the hypervisor to storage.
"This alleviates any concerns around VM administrators with too much privilege," Pate
This seamless integration is possible because "HighCloud's
approach is transparent to hypervisor, storage or other security technologies," he
Notably, HighCloud's VM-based data security module works on Linux, which is the dominant OS among public IaaS environments, Pate said.
Used together, HighCloud's
VMV and DSM (along with full multi-tenancy within the HighCloud Key and Policy Server) provides a comprehensive solution to allow cloud users to meet the new PCI virtualization guidelines, he
also detailed the steps HighCloud follows to provide security.