In a previous post, Rethinking Data Security in the Public Cloud, I alluded to a Private Cloud management post. So in spirit of SecureDoc Version 6.1—let’s talk Private Cloud (or #PrivateCloud to all of you Twitter geeks like me).
Plainly understood, the Private Cloud is basically a model of providing services similar to that provided by online internet based services, but visible only to the Enterprise. The clients are the multiple departments that make use of these centralized services.
Private Cloud is generally managed as an amalgamation of two differing IT infrastructure management models: Centralized and De-centralized.
The Centralized Cloud contains all resources and services so that there is no redundancy and there is consistency across the departments. However, managing private cloud in this way puts immense pressure on the single group of IT Admins to be on top of the macro and micro details of managing stored information. They may choose to manage the Enterprise centrally with the best intentions, but they may also lack the thorough understanding of the departmental requirements necessary to manage and protect the Enterprise’s individual departments on a day-to-day basis.
This is in contrast to the De-centralized Model that segments the role of the administration. This decentralization delegates administrative responsibilities to the multiple departments, but sacrifices consistency and cross-departmental communication.
I’m very excited about this as WinMagic has just recently launched our Private Cloud-ready encryption management solution; SES Web: a web based management interface for SES, SecureDoc’s encryption policy and key management server. It combines both the centralized and de-centralized model that makes it relevant for Private Cloud deployments.
The new SES Web centrally deploys a single SES server to have a consistent set of policies applicable to controlling the encryption of all devices within the Enterprise. Central administrators can delegate administrative tasks to departmental admins including: limited admin rights and folder accessibility. Now the nosey people in the Marketing Department can’t access your information goldmine in the Development department (please don’t kick me off this blog Marketing Team). Additionally, with limited admin rights, the Administrators of the Marketing or Development department are prevented from doing certain tasks which only the central administrator is allowed to do.
The first screenshot below illustrates how a central admin can configure the rights of Mike_Admin, a departmental admin of the Development department of a company:
In the next screenshot below, Mike_Admin is limited to only manage the Development department’s policies pertaining to users, devices and keys:
SES Web also, conveniently, allows admins to access the SES interface from any device as the interface is web based. Imagine the power you will wield…you can open any computer or device connected to the enterprise network and access the SES Web Console through the browser to make updates and set policies.
Have you upgraded to SES Web yet? What are you biggest Private Cloud challenges that pertain to data security? Tell me what you think by either commenting below or on Twitter with #SESWeb.