Mountain View, Calif. – June 28, 2016 – HyTrust today announced successful collaboration with industry leaders including NIST, Intel, RSA and VMware on the development of NIST IR 7904 and a proof of concept blueprint that can be used to implement trusted geolocation in the cloud.
Heavily virtualized environments like software-defined data centers (SDDC) and IaaS environments enable the dynamic movement of virtual machines to different physical hosts – a process that ensures optimal efficiency and agility but also makes it more difficult to control and enable where a particular virtual machine or workload may execute.
Trusted geolocation implementations allow control over where a virtual machine or workload is deployed, and allowed to execute. They rely on either hardware-based tags that are provisioned and integrity protected with Intel Trusted Execution Technology (TXT) and a Trusted Platform Module (TPM) or software-based tags to tie virtual machines to specific physical hosts. This foundational functionality has many different applications including compliance with data sovereignty and privacy requirements as well as enhancing security against internal and external threats.
“The NIST IR 7904 proof of concept effort is an excellent example of government and industry working together to drive innovation,” said Donna Dodson, chief cybersecurity advisor in NIST’s Information Technology Laboratory and director of its National Cybersecurity Center of Excellence. “With deep expertise from both the public and private sectors, we’ve been able to develop a useful blueprint to help organizations keep track of where their data reside in the cloud.
“In a world where it is increasingly assumed that any virtual machine can run anywhere, security controls are needed that can enforce placement/instantiation policy for where and how workloads are deployed. HyTrust solutions today address many of these security challenges and we are always looking ahead and working with organizations like NIST and Intel to develop technologies and blueprints for tomorrow’s challenges,” said Hemma Prafullchandra, CTO and EVP Products at HyTrust.
To learn more about the HyTrust BoundaryControl solution and how trusted geolocation is used to enforce policy-based virtual machine deployment and en/de-cryption visit:
- HyTrust Boundary Control (Video)
- ESG’s Jon Oltsik on Virtual Security with Boundary Controls from HyTrust and Intel
- Building Trust and Compliance in the Cloud with Intel TXT
- NIST IR 7904: Trusted Geolocation in the Cloud (HyTrust Blog Post)
HyTrust’s mission is to make private, public and hybrid cloud infrastructure more trustworthy for enterprises, service providers and government agencies. HyTrust provides solutions that automate security controls for software-defined computing, networking and storage workloads to achieve the highest levels of visibility, granular policy control and data protection. Areas of focus include the automation of security controls for infrastructure management, workload encryption and key management, infrastructure integrity checking and global workload placement and migration.
HyTrust customers benefit from being able to accelerate cloud and virtualization cost savings while improving their security posture by automating and enforcing security policy in real time, adapting quickly to compliance requirements, and preventing unplanned outages.
Headquartered in Mountain View, CA, HyTrust is backed by the leading providers of strategic IT infrastructure including VMware, Cisco, and Fortinet; by the vanguard of innovative solutions for the intelligence community, In-Q-Tel; and by a world class group of financial investors including AIT Ventures, Granite Ventures, Trident Capital and Vanedge Capital.