@CloudExpo Authors: Zakia Bouachraoui, Pat Romanski, Carmen Gonzalez, Yeshim Deniz, Liz McMillan

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Blog Feed Post

Security Automation – A Fundamental Promise to Cloud ISVs

Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs

In a recent conversation with a public cloud provider, the message was loud and clear. Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs (Application Program Interfaces).

This is actually a deep point. There have been a lot of recent debates trying to define “what is cloud”, yet arguably one of the most interesting definitions requires the ability to automate the infrastructure using APIs.

Typical APIs in the cloud are web service APIs, using technologies such as XML and HTTP. But the topic is not really a technology topic – its a fundamental business model topic.

When functionality in the cloud can be automated via API, the benefit is elasticity and flexibility. Servers and storage can be added and removed at will, and the “will” is not just an administrators will but can be an automated script that modifes resources based on changing demand.

This is a Good Thing. Indeed, it is the fundamental promise of cloud technology, along with pay-as-you-go economics.

ISVs (Independent Software Vendors) understand this even more than most, since their entire business depends on the ability to use the cloud infrastructure in an automated way without human intervention.

Now mix in security. Everyone “knows” that security is the barrier to adoption in the cloud. Yet there is a dearth of cloud-friendly security solutions out there. To be truly cloud friendly, a security solution must have APIs that allow:

  • Start, stop, restart, and termination of security functionality
  • Attaching security functionality to a specific cloud storage resource, e.g. to a virtual disk
  • Modifying access control rules for the storage
  • Locking (and unlocking) access to data
  • Managing alerts and reports, and routing them to appropriate management applications.
  • Managing encryption keys associated with the secured storage (such keys, by the way, cannot be stored in the virtual cloud environment, but that’s a different story).

A few security specialists have started to notice this, notably Porticor. Such API-driven automation allows dealing with the security barrier while respecting the fundamental cloud model.

No wonder our friends in the cloud provision community see this as a high priority.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

CloudEXPO Stories
Public clouds dominate IT conversations but the next phase of cloud evolutions are "multi" hybrid cloud environments. The winners in the cloud services industry will be those organizations that understand how to leverage these technologies as complete service solutions for specific customer verticals. In turn, both business and IT actors throughout the enterprise will need to increase their engagement with multi-cloud deployments today while planning a technology strategy that will constitute a significant part of their IT budgets in the very near future. As IoT solutions are growing rapidly, as well as security challenges growing exponentially, without a doubt, the cloud world is about to change for the better. Again.
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leading global enterprises use Isomorphic technology to reduce costs and improve productivity, developing & deploying sophisticated business applications with unprecedented ease and simplicity.
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure for today even as you're forecasting for tomorrow.
Andrew Keys is co-founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereum.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throughout enterprises of all sizes.