Everyone knows that virtualization and cloud computing can introduce new security risks and limit visibility and control. VMs are mobile by design, which means that they can move from a secure to an insecure server or migrate from a secure internal data center to the public cloud. Virtual workload mobility also adds the risk of physical or cyber-theft, where a VM containing mission-sensitive data may be stolen and then reveal all its secrets while running on a generic hypervisor. In spite of this reality, many government agencies and organizations continue to secure virtual environments with legacy security technologies that serve to only increase IT risk.
So what’s needed to overcome this challenge? A solution that mitigates the risks that virtualization and the cloud create, by securing the most important elements in virtualized datacenters – applications and data – against the loss of control in cloud environments.
HyTrust, through its technology collaboration with Intel, has taken this a step further. Built upon Intel® asset tagging and attestation services with root-of-trust supported by Intel’s Trusted Execution Technology (TXT), or Intel TXT, this solution leverages Intel’s TXT to provide processor-level attestation of the hardware, BIOS and hypervisor.
The combination of HyTrust’s policy engine and Intel TXT can enable government and other organizations to set policies ensuring that sensitive applications and data workloads can only run on authenticated trusted hosts, physically located in specific trust zones, data centers, or geographic locations.
Want to know more about how you can enable secure, logical data and workload boundaries, which allow mixed workloads on the same platform without any data contamination? Please read the whitepaper Winning the war on mission-critical security challenges