Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

From Secure Virtualization to Secure Private Clouds

by Neil MacDonald  |  October 13, 2010  |  3 Comments

I’ve been out the last week travelling in preparation for Gartner’s US Symposium conference. I’ll be involved in multiple sessions (including interviewing Steve Ballmer). One presentation I’m giving is on how information security is evolving to become context aware and adaptive. Another presentation I am giving is on how cloud-based computing has the potential to be more secure than what we have today.

I’ve been doing quite a bit of research on how information security must evolve to support virtualization and cloud-based computing. While the fundamental principles of information security don’t change, how enterprises provision and deliver security services must change.

I’ve talked about some of these changes in previous posts – for example, the necessary switch to policies based on logical, not physical, attributes and the necessary requirement for information security infrastructure to become context aware.

I’ve just published a research note titled “From Secure Virtualization to Secure Private Clouds” for clients that outlines the changes necessary in security infrastructure to enable your organization to move from secure virtualization to secure private clouds.

I hope to see many of you next week in Orlando to discuss these ideas in person.

3 Comments »

Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , ,

3 responses so far ↓

  • 1 Manny | Schecter Hellraiser Solo 6   October 13, 2010 at 12:22 pm

    The inability to ensure that privacy and security concerns are planned for and executed properly with cloud based environments has kept the federal government from being able to outsource much of their cloud needs. It will be interesting to see what the next five years brings so that maybe some breakthroughs will help bridge these major gaps that exist today.

  • 2 Neil MacDonald   October 13, 2010 at 5:38 pm

    @Manny –

    Agreed on public cloud which is why I focused my initial research on securing private cloud infrastructure.

    With the federal government, there are multiple initiatives underway to build “community” clouds (semi-private) to help address some of the gaps of public cloud computing.

    Back to private cloud. What we are finding is that most organizations have efforts underway to deliver the benefits of Cloud computing in their own data centers – “private cloud”. To support this change, security must change as well – just as we had to change to support the initial move to virtualization.

  • 3 Cloud Computing   October 13, 2010 at 5:39 pm

    Securing the cloud and virtual environments is one of the major concerns with many clients and end users. I hope cloud providers and virtualization vendors can come up with solid cloud security solutions and address issues raised by customers. Many clients today see cloud security as a missing piece in the “cloud puzzle” and often are reluctant to take up the project.

    Looking forward to the symposium!

    http://www.virtualization.net