Virtual cloud computing makes a lot of contribution to enterprise information security

Technology executives are setting new policies and investing in new technologies to take into account the resilience of public and private clouds, the provisioning of services, and the infrastructure for sharing data. New policies and systems for identity management are being designed as users develop third-party services for use outside the firewall, even within the firewall, to collaborate in a real-world shared environment. In addition, new boundaries for data security and privacy monitoring need to be identified, bearing in mind how migrating to a virtual cloud environment will affect compliance.

The public sphere of Raytheon Corporation in Waltham, Massachusetts, is not risking the use of clouds. To achieve cost savings, the defense equipment manufacturer is developing a shared, proprietary "cloud type service" that can be implemented if it and its partners can test, build, and collaborate on new programs and products that the U.S. Air Force, Army, and navy prefer.

"[In the Virtual cloud computing environment] security issues and controls are more complex," said Michaeldaly, deputy CISOs and IT service director at Raytheon Company. Not just to manage simple change control, but to go through a lot of trust and prayer: ' Hey, is firewall control migrating with [data or services]? When these virtual machines are generated and deleted, are the security keys responsible for encryption maintained? ’”

When it comes to the security of shared environments, like many other IT executives, there are more Daly than answers at this point: How does a company know who needs access to information as the project starts and shuts down? Does the user have permission to access it? How do the parties involved in development on a private cloud agree to cancel a user configuration? This goes beyond the cloud model. The cloud, he says, is a by-product or a means of turning the business model into a business-sharing resource to develop products and services in a collaborative environment.

internal and external identity management

Enterprise users bypass IT department logins to access virtual cloud computing services. So the question becomes, who has the right to dial in and Dial Izumo services?

The IT team at New York Life Investment Management's New York Life Retirement Planning Service (RPS) department in Massachusetts has chosen to block access to third-party Virtual cloud computing services and educate users about the risk of transferring information from their own networks.

"I know that it's very easy [for users] to move to a cloud service, but it poses a lot of risk," said Nealramasamy, managing director and chief information officer at New York Life RPS. I sat down with the requester to find out why they wanted to visit the third party cloud. Considering our company strategy, my goal is not to have four different [cloud providers], but to pick one. ”

When Raytheon's IT department flagged a third-party cloud service request, Daly and his team explained why uploading the document to apps was not a good idea. They then present other security options to business users, such as the Documentum system of the EMC Company approved by the company.

"We have to comply with international traffic in the Itar[arms trade regulations and other regulations, so we can see where we are uploading documents and information and other things to Google, and we need to show people the right way," Daly said. ”

Raytheon is moving to the private cloud, creating a federal identity management system. This means that the Raytheon Company will validate its own employees, but the companies that join the development project will be responsible for their own authentication.

It sounds simple, but that's not the case. "We have to reach a legal agreement between us and let our [cloud] development partners say, ' Well, if we're going to check identities, you're going to check identities the same way, because not always," Daly said. "

(Responsible editor: The good of the Legacy)