
How Government IT Uses Virtualization to Lock Down Clouds


At the core of the cloud and modern IT platforms sits the hypervisor. This technological innovation allows data center operators to carve up server resources among numerous virtual machines and services. Virtualization has helped many organizations become more agile and much more efficient.

Today, we’ve come far beyond simple server virtualization technologies, and corporate organizations are not the only ones reaping the benefits of a virtualization infrastructure. Government entities quickly saw the infrastructure benefits of going virtual. However, these benefits weren’t only for the data center; there were key security gains as well. Both federal and local governments still have to process data, support a large number of users, and deliver workloads which are critical to both government and social services. In using virtualization, they are not only improving their data center efficiency, but they’re also gaining greater control over the data that is being delivered.

Government IT needed to look at other ways to deliver cloud-ready workloads to the end-user, and do so securely. Let’s make sure a couple of notes are clear. There are many different types of government organizations, and those with very strict security protocols will be deploying even greater measures to secure their environments. Still, there are numerous data center services which are dedicated to standard government agencies, processing data which helps government operate.

In working with government, IT shops have to abide by much more than just good security policies. In most cases, regulations and compliance policies govern how an entity manages its cloud and data platform. This is where virtualization can actually help with a cloud initiative.

  • Creating the Golden Cloud Image. Unlike independent end-points, applications and desktops, virtualization can create a truly powerful cloud deployment. The platform can be stored, controlled and secured at the government data center level and can be distributed as needed. In working with virtualization and cloud computing, administrators are able to create golden – locked down – images. Once created, these secured images can be either certified or stored. Changes to that golden image cannot take place unless proper authorization has occurred. End-points and users will always receive this golden image and any changes that the user makes will not be saved. Each reboot will see the original desktop or workload appear. For some compliance-driven agencies, this can save a lot of time during the management process.
  • Incorporating Policies. One of the great things about virtualization, and even cloud computing, is that it can be much easier to deploy security policies to a virtual instance than it is to a physical end-point. Using two-factor authentication, Active Directory and next-generation security technologies can really work to lock down a cloud deployment. In working with virtualization, it’s always important to have proper security policies in place. This is even more vital for agencies which are regulated. Plan out your deployment, understand where virtualization, cloud computing and security are the right fit and incorporate optimal control practices to properly secure the infrastructure.  
  • Using Provisioning and Automation Services. Similar to creating a golden image, provisioning servers (PVS) can take the process several steps further. Aside from just controlling the virtual and cloud environment, provisioning and automation services can control the master image of other servers as well. So, core operational servers can have a golden image, application servers can have one, and you can still have your locked down image for cloud. Aside from being able to lock down a golden image, administrators can test and deploy updates into a sandbox, or development, environment. Prior to releasing an update to a set of cloud servers, an update can be applied to an image placed into test or maintenance mode. Once the testing is complete, and the image is recertified, it can be merged with the live running golden image to create the new master instance. The other big component is the ability to revert. This means that if an update has some negative results (and some inevitably do), administrators are able to roll the golden image back several iterations to the last known stable image.
  • Staying Compliant. Within government, staying compliant is a job and process all on its own. This is why using intelligent technologies can make the management process much easier. Government IT departments must find ways to deliver applications, desktops, and complete cloud solutions in a more efficient manner which allows them to stay agile and scale the environment as needed. This is why virtualization for cloud computing can really help out. Image certification, the updating cycle, and how images are tested are all simplified by using a core centralized cloud-control instance.
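
The golden-image lifecycle described in the list above (stage an update in test mode, certify it with authorization, serve only the certified image, revert to the last known stable one), sketched as an added example that is not from the article or from any provisioning product. The class, its method names and the `isso` approver are hypothetical, and SHA-256 digests stand in for whatever certification record an agency actually keeps.

```python
import hashlib

class GoldenImageRegistry:
    """Hypothetical model: certified golden images tracked by SHA-256 digest."""
    def __init__(self, certifiers):
        self.certifiers = set(certifiers)  # identities allowed to certify or revert
        self.history = []                  # certified digests, oldest first
        self.candidate = None              # digest of the image in test/maintenance mode

    @staticmethod
    def digest(image_bytes):
        return hashlib.sha256(image_bytes).hexdigest()

    def stage(self, image_bytes):
        """Put an updated image into test mode; it is not deployable yet."""
        self.candidate = self.digest(image_bytes)
        return self.candidate

    def _authorize(self, approver):
        if approver not in self.certifiers:
            raise PermissionError(f"{approver} may not change the golden image")

    def certify(self, approver):
        """Promote the tested candidate to live master; requires authorization."""
        self._authorize(approver)
        if self.candidate is None:
            raise ValueError("no candidate image staged")
        self.history.append(self.candidate)
        self.candidate = None
        return self.history[-1]

    def live(self):
        return self.history[-1] if self.history else None

    def verify_before_boot(self, image_bytes):
        """An endpoint boots an image only if it matches the live certified digest."""
        return self.live() is not None and self.digest(image_bytes) == self.live()

    def revert(self, approver, steps=1):
        """Roll back `steps` iterations to an earlier certified image."""
        self._authorize(approver)
        if steps < 1 or steps >= len(self.history):
            raise ValueError("no earlier certified image to revert to")
        del self.history[-steps:]
        return self.live()

if __name__ == "__main__":
    reg = GoldenImageRegistry({"isso"})          # constructed sample data
    reg.stage(b"desktop image v1"); reg.certify("isso")
    print(reg.verify_before_boot(b"desktop image v1 + user change"))
```

A staged image fails `verify_before_boot` until an authorized approver certifies it, which is the property the compliance workflow depends on.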

Remember, even though it’s government, there are still IT people, data centers and services to deliver. And since government IT must follow certain types of regulations, it’s important to still try and stay agile within the IT infrastructure. Complacency within any IT shop can be detrimental to growth. So, using virtualization technologies to deliver powerful cloud solutions (in a smart and efficient manner) can help keep you compliant, scalable and most importantly, secure.

About the Author

Bill Kleyman is a veteran, enthusiastic technologist with experience in data center design, management and deployment. His architecture work includes virtualization and cloud deployments as well as business network design and implementation. Currently, Bill works as the National Director of Strategy and Innovation at MTM Technologies, a Stamford, CT based consulting firm.
