AFORE Solutions’ goal has been to provide not only data at rest encryption but also data in motion encryption at all levels of the cloud stack, such that not even the cloud providers can see or change your data. This level of confidentiality does not exist within existing public or private clouds without a little help. AFORE Solutions started with SecureVSA, which provided encryption at rest but had the limitation of requiring the cloud providers to be involved in the process. Now, they have two new products that provide data at rest (and in motion) encryption without the cloud providers being in the know. Actually, the cloud providers do not need to do anything. This is a big win, in my opinion, as if you encrypt data, no one but those with that ability should be able to decrypt the data. Continue reading News: AFORE Adds SecureVM and SecureFile to Cloudlink
When we look at the secure hybrid cloud, there seems to be a missing piece, a piece that is used to validate identity via role based access controls assigned to applications, data, and systems. An identity that allows control of dynamic instead of the normal static firewall rules that are part and parcel of most environments. The software defined data center needs security to move with it and not remain static. Yes we could manipulate the rules on the fly, but those manipulations require that we know who is using a particular VM at a given time and in the case of a server, the VM could be used by more than one user at a time, so we need something more dynamic. Privileged access to data needs to be enforced throughout the stack and not just within an application or by encrypting data. Validating against an identity is a key component of the secure software defined data center and secure hybrid cloud.