Is my business safe in the Cloud?
We know that if you are thinking about moving your business to the Cloud you want to be guaranteed that your data will be safe. This is a priority not only after you have made the migration, but also during the transition from your on premise infrastructure to your new Infrastructure as a Service (IaaS), service provider.
At RSAWEB we offer you peace of mind when moving to our Enterprise Cloud (Virtual Data Centre) platform. The RSAWEB Virtual Data Centre (VDC) is built using a best of breed hardware stack, while the virtualisation layer leverages VMware’s vCentre as the virtualisation software.
Customer safety and security is of the utmost importance. VMware and their security programs are constantly evolving to lock down the ever-changing threat landscape.
VMware Security Engineering, Communications and Response group (vSECR) is responsible for developing software security initiatives, and they take a full lifecycle approach to product security from the product’s inception up until its ‘end of life’.
Here are just some of the security protocols put in place by VMware to ensure your data is protected:
- VMware Security Development Lifecycle (SDL) – A comprehensive program to identify and mitigate software security risks during the software development lifecycle.
- Security Response Center (VSRC) – A mature process to investigate and remediate reports of product security vulnerabilities identified once products have been released to customers.
- Security Engineering – An engineering team focused on solving complex software security problems, developing common security toolkits, and supporting SDL and security response activities.
- Security Advisories – document remediation for security vulnerabilities that are reported in VMware products.
- Security Certifications – A program to drive key products through appropriate security certifications such as Common Criteria, FIPS 140-2, and DISA STIG.
- Security Evangelism – A program to raise security awareness and competency within the broader VMware research and development community through formal and informal training.
- Software Supply Chain Security – A program to develop policy and standards to manage constantly evolving supply chain risks.
- Security Hardening Guides – Provide prescriptive guidance for customers on how to deploy and operate VMware products in a secure manner.
Further to the above mentioned security protocols, VMware has partnered with NetApp and Cisco to create a secure multi-tenancy system that takes the security risk out of transitioning to a Cloud infrastructure. Secure multi-tenancy creates clear lanes up and down the stack, so that separate applications or customers can share the same server, storage and networking infrastructure securely, ensuring sensitive information is never compromised.
Virtual machines are securely isolated from one another using VMware’s vShield zones along with the Cisco Nexus 100V virtual switch. The virtual machines are then connected to storage systems through a network that is segmented and secured using the Cisco Nexus 2000, 5000 and 7000 family of products. These storage compartments are securely isolated from other partitions using NetApps multi-storage technology. Together these technologies ensure clear secure lanes where the VMware vShield zones and the multi store partitions have the same security and networking attributes and the same access and user policies throughout the stack.
This infrastructure gives you:
– Unmatched end-to-end security
– Isolated visualisation environments
– Simplified architecture
– Greater business agility
– Lower cost
– Less risk
All of these systems and protocols are in place to give you the peace of mind that your data is secure and safe, not only while being stored in the Cloud but also during the migration process to the Cloud.
Additionally, whilst RSAWEB retains management of the overall environment each VDC is handed over to the customer for self-management and securitisation. RSAWEB Cloud engineers only have access to the overall VDC environment for support if managed services options are selected. Engineers have no access to individual users or actual disk file data unless given Virtual Machine access by the VDC end user.
For more information on Enterprise Cloud you can contact RSAWEB on 087 470 0000 or [email protected]
Read some of our other Cloud articles here: