I have written many times about the need for application-centric data protection and data-centric security. But what these both require is that our data protection, security, management, and networking are data-aware. We use applications, but we thrive on data. The more data we have, the more chance we can make use of it, which has …
Continue reading “Data-Aware Services: Oh, the Places We Could Go!”
When we look at the secure hybrid cloud, there seems to be a missing piece, a piece that is used to validate identity via the role based access control assigned to applications, data, and systems allowed to access that is dynamic instead of normal static firewall rules that are either port or vm-centric. The software defined data center needs security to move with it and not remain static. Yes we could manipulate the rules on the fly, but those manipulations require that we know who is using a particular VM at a given time and in the case of a server, the VM could be used by more than one user at a time, so we need something more dynamic. Privileged access to data needs to be enforced throughout the stack and not just within an application or by encrypting data. This is a key component of the software defined data center.
