Secure Cloud Infrastructure and Next-Generation Data Centers – An Interactive Discussion
- 1. Secure Cloud Infrastructure and Next-Generation Data Centers
– An Interactive Discussion
Get a smarter, more strategic approach to security and cloud scaling
in this must-attend, interactive, thought leadership event for enterprise
technology and security decision makers.
Second in a three-part series for IS and IT management professionals responsible for
virtualization and data center security, architecture, management, and optimization
© 2012, HyTrust, Inc. www.hytrust.com 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com
1
- 2. Overview
Meet the Experts
Discussion topics:
Next-generation data centers, and the future of IT infrastructure
Key business drivers for virtualization security
Proactive, collaborative best-practices to protect your brand, IP, and “real
security”
Summary
Q&A
© 2012, HyTrust, Inc. www.hytrust.com 2
- 3. Meet the Experts
Hemma Prafullchandra, CTO/SVP Products, HyTrust, Inc.
Janakan Rajendran, CIO, Global Net Access
Bob West, CEO, Echelon One
Eric Chiu, President/Founder, HyTrust, Inc.
© 2012, HyTrust, Inc. www.hytrust.com 3
- 4. Discussion: Data Center of the Future – 3 year Vision
“Rented” Cloud
SaaS Application Infrastructure Self-Service
Access
Identity and
Usage
Consolidation & IT as a
Virtualization Ubiquitous Access
Service
Data Cost
End result of datacenter transformation: IT is delivered as-a-service;
Role of Corporate IT is transformed from operational to control / governance
© 2012, HyTrust, Inc. www.hytrust.com 4
- 5. Discussion: Future of IT Infrastructure?
Intel Cloud Builders Reference Architecture
HyTrust, VMware, and Intel
PCI-Compliant Cloud Reference Architecture
Cisco, VMware, Trend Micro, HyTrust, Savvis, and Coalfire
NIST SP800-125: Guide to Security for Full Virtualization
Technologies
Cisco Validated Design
Cisco, RSA, EMC, VCE, and HyTrust
© 2012, HyTrust, Inc. www.hytrust.com 5
- 6. Audience Poll
When are you planning your next server refresh?
Within 12 months as part of a full data center re-architecture
Within 12 months as standalone server refresh
Greater than 12 months as part of a full data center re-architecture
Greater than 12 months as standalone server refresh
No server refresh or data center re-architecture planned
Unknown
© 2011, HyTrust, Inc. www.hytrust.com 6
- 7. Discussion: Key Drivers and Business Trends?
Virtualize More…
Analyst research shows market is now 52% virtualized,
with many organizations goaled to be 75% virtualized
by 2014. *
Virtualize More Securely…
There are now more than 800,000 vSphere admins.**
“Virtualization increases security risk by 60%.”***
*Forrester Research CISO’s Guide to Virtualization Security 2012
** VMware, Vmworld presentation with EMC, Vmware, HyTrust 2011
***Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 2010
© 2012, HyTrust, Inc. www.hytrust.com 7
- 8. Organizations are rapidly adopting virtualization
including mission-critical workloads
100%
Cost Savings Compliance Risk
Enterprise Platform
% of Workloads Virtualized
Extensive Production
Limited Production
Mission-Critical Workloads
Develop/Test
Non-Mission-Critical Workloads
0%
Non-Compliant Limited Compliance Compliant Best-Practice
Management & Automation Tools Become Necessary
8
© 2012, HyTrust, Inc. www.hytrust.com
- 9. Discussion: How Best to Align Broader Objectives?
Recent VMware Executive Brief
CFO CIO Implications for CSO
Cost Cost transparency Do more with the Limited or no budget
same/less budget
(Need very compelling event,
Forecast accuracy Resource planning or to tightly align to revenue
generation)
Agility Investment analysis Modernize legacy IT Accountable for security
solution that matches agility of
Select the right cloud virtualization
strategy
Risk Mitigate potential Gain control over Accountable for security of
corporate risk IT workload leakage to virtual assets that
Do Not exist yet.
Adhere to security Manage data and
and Compliance application
security
VMware /CFOWorld , “Aligning CFO and CIO Priorities” 2011 http://www.vmware.com/files/pdf/cloud/VMware_CFOWorld_Aligning_CFO_CIO.pdf
© 2012, HyTrust, Inc. www.hytrust.com 9
- 10. Key Drivers to Protect Brand and Secure IP
87% Percentage of companies that
have experienced a data breach
— IT Compliance
Institute
48% Percent of all breaches that
involved privileged user misuse
— Verizon report, 2010
74% Percentage of breached companies
who lost customers as a result of the
breach
— IT Compliance
Institute
© 2012, HyTrust, Inc. www.hytrust.com 10
- 11. Discussion: Future of IT Talent?
What does the skillset of future IT professionals look like?
Dice.com Survey: Top-ten “Tough-to-fill” IT Skills:
#1 Security
#2 Virtualization
© 2012, HyTrust, Inc. www.hytrust.com 11
- 12. Audience Poll
What security concern ranks highest in importance in your
virtualized environments heading into 2012?
Lack of automation (admin is brought in for every update and change)
Self service for line of businesses to access/manage their virtual machines
Strength of security policies and processes around access and change controls
Insider threat – either malicious or errant
Logging and reporting tools for audit and/or forensics purposes
All of the above
© 2012, HyTrust, Inc. www.hytrust.com
© 2011, HyTrust, Inc. Inc. www.hytrust.com 12
© 2012, HyTrust, www.hytrust.com
- 13. Best Practices and Guidance – What Can You Do Today?
Consider the right access for the right people in your virtual environs
Cut back or eliminate access rights for those not on the projects
Manage the networks as well
Take full inventory on regular basis
Automate to drive scalability
Consider management tools to streamline workflow
Drive security policy automation to prevent mistakes
© 2012, HyTrust, Inc. www.hytrust.com 13
- 14. Best Practices and Guidance – What Can You Do Today?
Create the business case for change
Show costs of Not doing it (i.e. 87%)
Be proactive and collaborative with IT, Security to understand and
identify the business problem
Create a plan
Don’t be scared!
© 2012, HyTrust, Inc. www.hytrust.com 14
- 15. hemma@hytrust.com
jrajendran@gnax.net
bob.west@echelonone.net
eric@hytrust.com
sales@hytrust.com
© 2012, HyTrust, Inc. www.hytrust.com 15
- 16. hemma@hytrust.com
jrajendran@gnax.net
bob.west@echelonone.net
eric@hytrust.com
sales@hytrust.com
© 2012, HyTrust, Inc. www.hytrust.com 16
- 17. hemma@hytrust.com
jrajendran@gnax.net
bob.west@echelonone.net
eric@hytrust.com
sales@hytrust.com
© 2012, HyTrust, Inc. www.hytrust.com 17
- 18. hemma@hytrust.com
jrajendran@gnax.net
bob.west@echelonone.net
eric@hytrust.com
sales@hytrust.com
© 2012, HyTrust, Inc. www.hytrust.com 18