The fallout from the NSA leaks has forced service providers to question the way they handle cloud security, with some looking to add another layer of defense on top of encryption. This issue of data sovereignty is also pushing technologies that allow firms to specify where they don't want to store their data.
In the post-Snowden era, Paul To, Spirent’s director of SDN and cloud, asked what is the trust level of encryption?
During a panel session on cloud security at a recent NetEvent’s conference near San Jose, To said he sees an opportunity for the industry to add another layer of security and defense on top of encryption, because he thinks encryption isn’t going to be the only answer.
“There are things like being able to have a policy engine where I can specify where I don't want to locate my storage and VMs. Maybe I want to avoid a certain geo-political region.”
To noted that the technology to do geo-location is there, but he’s not sure service providers are adopting it for security/privacy reasons, but added that European providers are showing interest in geo-political, co-region based cloud providers.
“There's going to be a need for this kind of policy based enforcement of where I want to locate my VM [virtual machine] and data and also where I want my data communication path to flow.”