AFORE Solutions’ goal has been to provide not only data at rest encryption but also data in motion encryption at all levels of the cloud stack, such that not even the cloud providers can see or change your data. This level of confidentiality does not exist within existing public or private clouds without a little help. AFORE Solutions started with SecureVSA, which provided encryption at rest but had the limitation of requiring the cloud providers to be involved in the process. Now, they have two new products that provide data at rest (and in motion) encryption without the cloud providers being in the know. Actually, the cloud providers do not need to do anything. This is a big win, in my opinion, as if you encrypt data, no one but those with that ability should be able to decrypt the data.
Articles Tagged with Virtual Disk Encryption
The 5/31 Virtualization Security Podcast we spoke to High Cloud Security about encryption as a defense in depth, and where to place encryption within the virtual environment. This lead to an intriguing discussion about what is actually missing from current virtual environments when it comes to encryption. We can encrypt within each VM and we can encrypt within the networking fabric, as well as within the drives themselves, but currently that leaves several vulnerabilities and unencrypted locations that can be used as attack points. While we concentrated on vSphere, what we are discussing applies equally to all hypervisors.
The Virtualization Practice was recently offline for two days, we thank you for coming back to us after this failure. The reason, a simple fibre cut that would have taken the proper people no more than 15 minutes to fix, but we were way down on the list due to the nature of the storm that hit New England and took 3M people off the grid. Even our backup mechanisms were out of power. While our datacenter had power, the rest of the area in our immediate vicinity did not. So not only were we isolated from reaching any clouds, but we were isolated from being reached from outside our own datacenter. The solution to such isolation is usually remote sites and location of services in other regions of a country, this gets relatively expensive for small and medium business, can the Hybrid Cloud help here?
When you think of backup security, many people think of ensuring tapes are off-site or even encryption on media, but what is really required for backup security? There is quite a bit going on when someone performs a backup within the virtual environment, so where does security begin and end for making a single or multiple backups?