Every business is trying to save money and reduce complexity in their IT departments, and many are accomplishing this today by using virtual machines such as VMware and moving to the cloud. With these technologies they can consolidate resources and “rent” space in the cloud to run their applications. However, this can be a dangerous move for businesses with applications and servers that contain sensitive information that must be protected under industry regulations such as PCI-DSS, GLBA/FFIEC, and HIPAA/HITECH. That’s why encrypting this data in virtual environments and in the cloud is critical.
However, businesses need to remember that encryption is only half of the solution. They must securely manage their encryption keys as well. How can they accomplish strong key management in a VMware instance, you ask? With virtual encryption key management, of course.
Virtual encryption key management is available to VMware users, and will make your decision to move to virtual environments easier than ever. If your concern over data security is preventing you from using a virtual environment, there are 7 reasons why choosing a virtual key manager can help you make that step.
1. Strong and defensible security in the virtual world - Encryption key management is required or strongly recommended by most industry regulations. This is because in today’s cyber environment, just using strong passwords and firewalls to deter hackers is not enough. Encrypting data at it’s source and using strong key management is the only way to prevent data loss and exposure. If a hacker or malicious users gain access to the encrypted data, and the keys are protected, then the data will be “scrambled” and useless to the intruder.
2. Less expensive - Virtual environments were designed to help businesses reduce costs and complexity by allowing them to run multiple operating systems on a single piece of hardware Instead of having to buy a hardware system for each operating system. The cost of virtual key management is also less expensive since it has no hardware components and is installed directly onto the virtual platform.
3. Less complex - Without the burden of hardware, virtual encryption key management is easier to deploy than the traditional hardware security module (HSM).
4. Helps you meet compliance - If meeting compliance regulations is a concern, encryption key management for VMware will get you in line with several compliance requirements such as PCI-DSS and GLBA/FFIEC. You should always use NIST FIPS 140-2 compliant key management software to ensure your key management meets the highest standards.
5. Data protection where you need it - Every business’ IT environment is different. Even if you are moving to a virtualized environment for most of your applications, you may still want to run some databases and applications with very sensitive data on their own dedicated servers. If you choose to, you can manage your encryption keys for that data using the virtual key manager as well.
6. Virtual HA and failover - With virtual encryption key management you can choose to use virtual machines for your high availability (HA) and/or failover key managers as well. Of course you can always choose the option of using an HSM for these services as well.
7. Prepares you to move to the cloud - The amazing thing about virtual environments is that once you have your data center running in them, moving them to the cloud is a piece of cake. In fact, VMware supports a direct move from VMware to vCloud. Many businesses with sensitive data opt for a private cloud option which offers a little more peace of mind; however, most cloud providers including public vCloud are acceptable if you are using encryption and strong key management to protect your data in the cloud!
Townsend Security’s Alliance Key Manager for VMware enables enterprises to lower operational costs, meet compliance requirements, deploy encryption key management in the cloud, and accelerate deployment of mission critical security technology through a virtualized encryption key manager. Alliance Key Manager for VMware supports VMware ESX, VMware vSphere (ESXi), and vCloud Townsend Security is a VMware Technology Alliance Partner (TAP).