Securing the Cloud

The biggest barriers holding back enterprise adoption of public cloud computing offerings are well documented and consistent across every report published on the subject - auditing and security.

These concerns – and the associated risks - are higher in complex multi-tenancy public clouds that are highly dynamic and built on highly abstracted file systems. File systems that make forensics difficult, if not impossible. The greater the vendor value add, the lower the control.

Auditing is crucial to ensuring good governance, managing risk and proving compliance. Cloud computing providers will remain highly reluctant to allow customers to audit their systems.

Moving to a cloud-based model delivered by a SaaS provider means you are outsourcing more than just data – you’re also outsourcing control, including privileged access. Administrators frequently surf the net from the same machine that they carry out privileged actions.

VigilancePro® can support cloud computing strategies adding significant value in the following areas:

• Delivers 360 degree visibility of all user activity, including outsourced administrators
• Provides comprehensive monitoring and alerting across the environment
• Provides a visual pre-forensics audit trail supporting investigations and slashing the cost of discovery

And of course while the cloud may be virtual from the customer’s perspective it manifests itself in the physical world in the data centre. Through patented integration with physical security systems, VigilancePro is uniquely capable of providing very high security around cloud computing provider’s facilities.

A survey published in May 2010 by the Ponemon Institute found “the most difficult risks to minimise were found to be securing the physical location of data assets and restricting privileged user access to sensitive data.”

For more information on how VigilancePro can be used to Secure the Data Centre.