@CloudExpo Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Yeshim Deniz

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Blog Feed Post

Security Automation – A Fundamental Promise to Cloud ISVs

Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs

In a recent conversation with a public cloud provider, the message was loud and clear. Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs (Application Program Interfaces).

This is actually a deep point. There have been a lot of recent debates trying to define “what is cloud”, yet arguably one of the most interesting definitions requires the ability to automate the infrastructure using APIs.

Typical APIs in the cloud are web service APIs, using technologies such as XML and HTTP. But the topic is not really a technology topic – its a fundamental business model topic.

When functionality in the cloud can be automated via API, the benefit is elasticity and flexibility. Servers and storage can be added and removed at will, and the “will” is not just an administrators will but can be an automated script that modifes resources based on changing demand.

This is a Good Thing. Indeed, it is the fundamental promise of cloud technology, along with pay-as-you-go economics.

ISVs (Independent Software Vendors) understand this even more than most, since their entire business depends on the ability to use the cloud infrastructure in an automated way without human intervention.

Now mix in security. Everyone “knows” that security is the barrier to adoption in the cloud. Yet there is a dearth of cloud-friendly security solutions out there. To be truly cloud friendly, a security solution must have APIs that allow:

  • Start, stop, restart, and termination of security functionality
  • Attaching security functionality to a specific cloud storage resource, e.g. to a virtual disk
  • Modifying access control rules for the storage
  • Locking (and unlocking) access to data
  • Managing alerts and reports, and routing them to appropriate management applications.
  • Managing encryption keys associated with the secured storage (such keys, by the way, cannot be stored in the virtual cloud environment, but that’s a different story).

A few security specialists have started to notice this, notably Porticor. Such API-driven automation allows dealing with the security barrier while respecting the fundamental cloud model.

No wonder our friends in the cloud provision community see this as a high priority.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

CloudEXPO Stories
When applications are hosted on servers, they produce immense quantities of logging data. Quality engineers should verify that apps are producing log data that is existent, correct, consumable, and complete. Otherwise, apps in production are not easily monitored, have issues that are difficult to detect, and cannot be corrected quickly. Tom Chavez presents the four steps that quality engineers should include in every test plan for apps that produce log output or other machine data. Learn the steps so your team's apps not only function but also can be monitored and understood from their machine data when running in production.
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, Alex Lovell-Troy, Director of Solutions Engineering at Pythian, presented a roadmap that can be leveraged by any organization to plan, analyze, evaluate, and execute on moving from configuration management tools to cloud orchestration tools. He also addressed the three major cloud vendors as well as some tools that will work with any cloud.
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will detail these pain points and explain how cloud can address them.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true change and transformation possible.