Virtualization Technology News and Information
Fortanix 2019 Predictions: It's Time to Trust the Cloud, Your Data is Secure

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual series exclusive.

Contributed by Anand Kashyap, CTO and co-founder, Fortanix

It's Time to Trust the Cloud, Your Data is Secure

Public cloud providers define security as a shared responsibility between themselves and their customers, where they are responsible for the security of their infrastructure but require their customers to secure their data and applications. Security from the cloud will become achievable in 2019:

While customers are expected to bring their own security to the cloud, they are realizing that their existing on-prem security solutions don't translate well to the cloud. To bridge this gap, cloud providers are stepping in to offer security services themselves, such as key management services (KMS), and Cloud hardware security modules (HSM). However, many customers are choosing to not move their sensitive workloads to the cloud because they can't trust their cloud provider to also provide them with the security they require.

Security in the cloud has become increasingly hard to obtain, as the sophistication of attacks have gone up a notch this year. We have seen sophisticated attacks which directly exploit the inner workings of the CPU, for example Spectre, Meltdown, and Foreshadow. The hardware implant-based attack reported by Bloomberg demonstrated that attackers will go to great lengths to compromise the supply chain and insert vulnerabilities early in the lifecycle of a compute machine. When you don't have control of your supply chain, and hardware and software patch management, it becomes increasingly hard to trust the cloud provider for your security.

As customers look for security in the cloud, as well as security from the cloud, they need a security solution which is portable, deterministic, and decoupled from the cloud infrastructure. Runtime Encryption creates a security envelope around an application and ensures that the security that an application depends on travels with the application into the public cloud and is not dependent on the infrastructure security. Runtime Encryption has been used to secure keys in the cloud, but this year, we will see greater adoption for a wide range of workloads, such as databases, machine learning, private analytics, etc.


About the Author

Anand has previously worked at Symantec and VMware, as a researcher and an engineer in the areas of security and networking. He has presented at Financial Cryptography and BlackHat conferences, and has filed over 25 patents. Anand holds a PhD from Stony Brook University and a Bachelor of Technology from IIT Kanpur, both in Computer Science.

Published Monday, December 17, 2018 7:19 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2018>