Gartner Blog Network

From Secure Virtualization to Secure Private Clouds

by Neil MacDonald  |  October 13, 2010  |  3 Comments

I’ve been out the last week travelling in preparation for Gartner’s US Symposium conference. I’ll be involved in multiple sessions (including interviewing Steve Ballmer). One presentation I’m giving is on how information security is evolving to become context aware and adaptive. Another presentation I am giving is on how cloud-based computing has the potential to be more secure than what we have today.

I’ve been doing quite a bit of research on how information security must evolve to support virtualization and cloud-based computing. While the fundamental principles of information security don’t change, how enterprises provision and deliver security services must change.

I’ve talked about some of these changes in previous posts – for example, the necessary switch to policies based on logical, not physical, attributes and the necessary requirement for information security infrastructure to become context aware.

I’ve just published a research note titled “From Secure Virtualization to Secure Private Clouds” for clients that outlines the changes necessary in security infrastructure to enable your organization to move from secure virtualization to secure private clouds.

I hope to see many of you next week in Orlando to discuss these ideas in person.

Category: cloud  cloud-security  next-generation-data-center  next-generation-security-infrastructure  virtualization  virtualization-security  

Tags: adaptive-security-infrastucture  cloud-security  next-generation-data-center  next-generation-security-infrastructure  virtualization-security  

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Thoughts on From Secure Virtualization to Secure Private Clouds

  1. The inability to ensure that privacy and security concerns are planned for and executed properly with cloud based environments has kept the federal government from being able to outsource much of their cloud needs. It will be interesting to see what the next five years brings so that maybe some breakthroughs will help bridge these major gaps that exist today.

  2. Neil MacDonald says:

    @Manny –

    Agreed on public cloud which is why I focused my initial research on securing private cloud infrastructure.

    With the federal government, there are multiple initiatives underway to build “community” clouds (semi-private) to help address some of the gaps of public cloud computing.

    Back to private cloud. What we are finding is that most organizations have efforts underway to deliver the benefits of Cloud computing in their own data centers – “private cloud”. To support this change, security must change as well – just as we had to change to support the initial move to virtualization.

  3. Securing the cloud and virtual environments is one of the major concerns with many clients and end users. I hope cloud providers and virtualization vendors can come up with solid cloud security solutions and address issues raised by customers. Many clients today see cloud security as a missing piece in the “cloud puzzle” and often are reluctant to take up the project.

    Looking forward to the symposium!

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.