What's missing in the market today?

Intelligent Workload Management Security

Categories:
Intelligent Workload Management: Cloud Computing, Data Center, Intelligent Workload Management, Security, Virtualization
Companies : Google, IBM, Novell, SAP

Entities Mentioned


Authors


  1. What's missing in the market today?

    The cost and flexibility of cloud computing make it particularly appealing. So what’s holding businesses back from moving to this agile new environment? In my opinion, it comes down to trust and technology.

    The number one hurdle is trust. Before we can consume cloud applications, we need assurances that workloads can move around, in and out of the cloud, without breaching security or compliance mandates.

    According to the Cloud Security Alliance, “cloud computing is about gracefully losing control while maintaining accountability, even if the operational responsibility falls upon one or more third parties.” And that’s the primary goal of the alliance. They’ve come together to create best practices for providing security assurance within the cloud. To do so, they first sought to uncover how the architecture, technology, processes and human capital requirements vary in cloud computing services.

    Now the non-profit organization is taking an exciting next step. They’re defining cloud security certifications, much like the SSL certificates we’re accustomed to when shopping online—giving people necessary confidence in cloud computing. As a result of this work, we will have clearly defined expectations of how the cloud security landscape should be managed.

    With this foundation in place, enterprises can begin to consider the various technological approaches to enabling security and compliance to their cloud environments. Ideally, businesses would have the ability to create self-managing cloud environments, much like self-healing networks. This would involve building intelligence into the workload itself. People often ask how you make a workload intelligent.

    One way is to tag the intelligent workload with a global cloud identifier (universally unique identifier) and associated metadata (data about data), which identifies key characteristics. Attributes of the metadata are both inherited as well dynamically generated, such as the workload being CPU bound versus IO-bound, workload's CPU affinity, workload being factored into on versus off-premise servers, identity-driven security policies, data privacy constraints with regard to premise or geographic location and more. Further, as the workload moved through its lifecycle, it would generate additional run-time intelligence to bring greater visibility and manageability to the environment.

    And of course any such environment will also require compliance and monitoring tools to oversee all of the workload activities in a coherent way. Today's physical, virtual and cloud environments each have a different set of management tools. Within 3-5 years businesses would be able to have a scorecard or heat map index to visualize in real-time and at a glance how secure their cloud environment is at the touch of a button.

    What do you envision as the future of cloud security?

    Bookmark or Share this article


    Related Articles

Login to comment.