News

Virtualisation delivers data protection, says security expert

Virtualisation is the key to better information security in cloud computing, says Eric Baize, a board member at cross-industry security initiative, SAFECode.

The technology is now beginning to deliver on that promise as suppliers announce products with a clear implementation of wider, more finely grained data controls, Eric Baize said.

Enterprises are becoming more comfortable with virtualisation, said Baize, who is also senior director of the product security office at RSA, the security division of EMC.

But, he said, increasingly security-aware enterprises are now demanding greater visibility of what is happening in the virtual environment.

Virtual desktops are a good example of how virtualisation can already provide a greater level of security, Baize told Computer Weekly.

Virtualisation enables IT departments to maintain a consistent configuration and patch levels. Virtualisation can also isolate corporate workloads from the rest of the desktop, he said.

According to Baize, this is especially useful as a growing number of employees are buying their own laptops for combined work and private use.

EMC is planning to roll out virtual desktops to all employees so they can run and isolate their work environments on any PC or laptop computer, he said.

Because it is largely enabled by virtualisation, cloud computing can provide greater clarity of where virtual workloads are at any given moment. They can also shed light on compliance with internal or external policies or regulations.

"The latest virtualisation products are designed to enable CIOs to manage compliance across physical, virtual and cloud computing environment," said Baize.

After giving the enterprise greater visibility of the virtual environment, the next step was giving the enterprise greater control over workloads, he said.

Baize cites as an example, Intel's work with VMWare and EMC to tie virtual machine workloads with specific hardware.

This means businesses can now define policies to restrict workloads involving sensitive data to hardware located in the European Union to comply with regional data protection directives.

"It is an important step forward to be able to work across physical, virtual and cloud environments because we are likely to see them co-existing for quite a while," said Baize.

All new investment by business organisations is likely to focus on technologies that will remain relevant in a cloud computing environment, he said.

This is particularly true of security, as it becomes part of the cloud and virtualisation budget because of the increased number of critical applications moving into these environments.

Rather than being an afterthought, security will become increasingly integrated into future technology planning and investment alongside compliance and risk management, according to Baize.

"Visibility into risk is important and will remain highly necessary in the cloud," he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy