RSA and NetApp address cloud computing data privacy

When using a multi-tenancy private or public cloud service, it is essential to ensure access to data and applications is correctly configured and secure.

Cloud computing

Compliance and security are two major issues in any IT environment but none more so than in the cloud.

At the IP Expo in London today, RSA Security and NetApp outlined their very different methods of access control in a cloud computing environment.

Julian Wheeler, systems engineering manager at NetApp, said: "The reduced spend of IT departments means that the days when departments had five times the resources they needed are truly over. It is now generally seen that you can't have low utilisation anymore."

The solution, he said, is to have a multi-tenancy data centre with virtualised servers, but this then raised security and privacy concerns.

NetApp believed a unified storage architecture is essential to satisfy the differing requirements of different applications and users.

To offer end-to-end security in the multi-tenancy environment, NetApp has partnered with Cisco and VMware to offer IT as a Service (ITaaS).

Wheeler explained that entrusting security to the storage controller allows each application to be treated as separate entities. Data can be moved or refreshed without having to take the system offline.

"This gives us one vision for a unified, virtual infrastructure which can securely isolate stored resources," Wheeler said. "It also offers savings."

He pointed out the case of Nottinghamshire Healthcare Trust which adopted NetApp's product with deduplication and compression enabled. This allowed them to reclaim 50 per cent of their storage, using 75 per cent less rack space and reduced their cooling requirements by 67 per cent.

"With government cutbacks coming into effect these savings are allowing the Trust to save money without having to make drastic cuts to their services."

RSA Security has also created an end-to-end secured cloud. RSA is part of EMC, so the company's choice of storage partner was obvious - VMware and Cisco who are becoming a common factor with many cloud computing suppliers.

Rashmi Tarbatt, RSA's chief security architect for the EMEA region, said moving to the cloud does not mean scrapping current security practices.

"The difference is that the composite stack of cloud infrastructures offer a better view of what is going on," she explained.

This does have a spin-off effect in that roles of staff have to change.

"People that function historically as network administrators, systems administrators, and suchlike, all come together in a single function. This does not necessarily mean that you only need one person but the correlated view of all that is going on will mean that these roles have to be redefined."

When a policy has been defined, the result is often hundreds of logs so there is a need to decide which logs have priority - which are more important to the business processes. Within the policies, there will also be certain governance, risk management and compliance regulations that need to be applied.

RSA's acquisition of Archer has brought a useful tool, Tarbatt said. The Archer eGRC Suite allows the application of compliance rules to be automated ensuring that everything is standardised.

Though their companies may differ in the detail, both Tarbatt and Wheeler agreed cloud infrastructures are set to free up administrators to concentrate on more pressing issues of how the systems can better serve the business.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

VMware patches critical flaws in vRealize AI platform
hacking

VMware patches critical flaws in vRealize AI platform

31 Mar 2021
Google extends Cisco networking relationship with cloud-based network management
cloud computing

Google extends Cisco networking relationship with cloud-based network management

24 Mar 2021
Accenture and VMware launch joint business group to aid cloud migration
Cloud

Accenture and VMware launch joint business group to aid cloud migration

11 Feb 2021
What is SD-WAN?
software-defined wide area network (SD-WAN)

What is SD-WAN?

5 Feb 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021