The Security-aware Cloud

To build security into the IT infrastructure demands much more than secure software. It is also about having the IT infrastructure products deliver intrinsic security value as a core capability of the product and fully integrated in terms of management and enforcement with the other non-security related capabilities of that product.

The proof-of-concept of the integration of EMC Atmos cloud optimized storage with RSA Data Loss Prevention (DLP) Suite, which we demonstrated at the recent EMC World 2009, is the perfect illustration of how security integrated into the infrastructure can surpass the level of security functionality that any standalone security product bolted onto any infrastructure product can provide.

The-proof-of-concept demonstrates how the policy-driven RSA DLP suite can make EMC Atmos aware of the sensitivity of the data it is managing. An Atmos administrator can then configure Atmos policies that act on the intelligence provided by RSA DLP to securely store the data. The demonstration focused on Atmos using RSA DLP to determine where in the storage cloud the data should be stored, but the concept applies as well for other data handling decisions such as encryption.

Organizations can use such a solution to deploy Atmos cloud storage for data that is either sensitive or governed by regulations. For instance, a private cloud can be deployed that enforces a policy that requires all sensitive data to remain in the internal cloud, while the remaining data can reside on the external cloud. The solution could also be used to comply with privacy regulations that forbid personally identifiable information to leave a specific country.

This integration is just one example in what will be a long chain of new opportunities offered by cloud and virtualization to build security into the infrastructure in new and more effective ways.

About the Author: Eric Baize

Throughout his career, Eric Baize has been passionate about building security and privacy into systems and technology from design to deployment. He currently leads Dell EMC’s Product Security Office and serves as Chairman of SAFECode, an industry-led non-profit organization dedicated to advancing software and supply chain security best practices. At Dell EMC, Eric leads the team that sets the standards and practices for all aspects of product security for the product portfolio: Vulnerability response, secure development, consistent security architecture, and code integrity. Eric joined Dell through its combination with EMC where he built EMC’s highly successful product security program from the ground up and was a founding member of the leadership team that drove EMC’s acquisition of RSA Security in 2006. He later led RSA’s strategy for cloud and virtualization. Prior to joining EMC in 2002, Eric held various positions for Groupe Bull in Europe and in the US. Eric has been a member of the SAFECode Board of Directors since the organization was founded in 2007 and also serves on the BSIMM Board of Advisors. He holds multiple U.S. patents, has authored international security standards, is a regular speaker at industry conferences and has been quoted in leading print and online news media. Eric holds a Masters of Engineering degree in Computer Science from Ecole Nationale Supérieure des Télécommunications de Bretagne, France and is a Certified Information Security Manager. Follow Eric Baize on Twitter: @ericbaize
Topics in this article