RSA and NetApp address cloud computing data privacy

When using a multi-tenancy private or public cloud service, it is essential to ensure access to data and applications is correctly configured and secure.

Cloud computing

Compliance and security are two major issues in any IT environment but none more so than in the cloud.

At the IP Expo in London today, RSA Security and NetApp outlined their very different methods of access control in a cloud computing environment.

Julian Wheeler, systems engineering manager at NetApp, said: "The reduced spend of IT departments means that the days when departments had five times the resources they needed are truly over. It is now generally seen that you can't have low utilisation anymore."

The solution, he said, is to have a multi-tenancy data centre with virtualised servers, but this then raised security and privacy concerns.

NetApp believed a unified storage architecture is essential to satisfy the differing requirements of different applications and users.

To offer end-to-end security in the multi-tenancy environment, NetApp has partnered with Cisco and VMware to offer IT as a Service (ITaaS).

Wheeler explained that entrusting security to the storage controller allows each application to be treated as separate entities. Data can be moved or refreshed without having to take the system offline.

"This gives us one vision for a unified, virtual infrastructure which can securely isolate stored resources," Wheeler said. "It also offers savings."

He pointed out the case of Nottinghamshire Healthcare Trust which adopted NetApp's product with deduplication and compression enabled. This allowed them to reclaim 50 per cent of their storage, using 75 per cent less rack space and reduced their cooling requirements by 67 per cent.

"With government cutbacks coming into effect these savings are allowing the Trust to save money without having to make drastic cuts to their services."

RSA Security has also created an end-to-end secured cloud. RSA is part of EMC, so the company's choice of storage partner was obvious - VMware and Cisco who are becoming a common factor with many cloud computing suppliers.

Rashmi Tarbatt, RSA's chief security architect for the EMEA region, said moving to the cloud does not mean scrapping current security practices.

"The difference is that the composite stack of cloud infrastructures offer a better view of what is going on," she explained.

This does have a spin-off effect in that roles of staff have to change.

"People that function historically as network administrators, systems administrators, and suchlike, all come together in a single function. This does not necessarily mean that you only need one person but the correlated view of all that is going on will mean that these roles have to be redefined."

When a policy has been defined, the result is often hundreds of logs so there is a need to decide which logs have priority - which are more important to the business processes. Within the policies, there will also be certain governance, risk management and compliance regulations that need to be applied.

RSA's acquisition of Archer has brought a useful tool, Tarbatt said. The Archer eGRC Suite allows the application of compliance rules to be automated ensuring that everything is standardised.

Though their companies may differ in the detail, both Tarbatt and Wheeler agreed cloud infrastructures are set to free up administrators to concentrate on more pressing issues of how the systems can better serve the business.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download


The IT Pro Podcast: Can 5G close the digital divide?

The IT Pro Podcast: Can 5G close the digital divide?

6 Aug 2021
Cisco launches Webex for Defense for the Pentagon

Cisco launches Webex for Defense for the Pentagon

7 Jul 2021
Cisco flaw under attack after researchers publish exploit PoC

Cisco flaw under attack after researchers publish exploit PoC

28 Jun 2021
Cisco lands $1 billion defense IT contract

Cisco lands $1 billion defense IT contract

15 Jun 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Zoom: From pandemic upstart to hybrid work giant
video conferencing

Zoom: From pandemic upstart to hybrid work giant

14 Sep 2021
Citrix mulling potential sale after tumultuous 2021
mergers and acquisitions

Citrix mulling potential sale after tumultuous 2021

15 Sep 2021