The Insider's Guide to Next-Generation BPM
By Ellen Rubin, Founder & VP Products, CloudSwitch , 03/26/2010
Print this article
Email this article
Talk Back!
Write to Editor
Editor's note: What are the best practices in moving data to the clouds? Learn more here!
Many companies would like to take advantage of cloud computing, but concerns about possible security breaches and loss of data hold them back. For cloud computing to gain traction in the enterprise, IT and security executives need to be certain that their company's applications and data are safe. But when security is partly out of enterprise control, it becomes impossible to know if sensitive information has been accessed or compromised.
Security issues associated with third-party cloud environments continue to prevent organizations from taking advantage of the cost savings and flexibility that the cloud can offer. Today, using a public cloud means moving from an internal environment where a company has complete control of data and processes to an environment where that control belongs to someone else, and is often opaque. Within the cloud, applications run in a multi-tenant environment sharing virtual machines with other customers. Companies considering moving an application to a cloud have legitimate concerns about data being compromised or stolen, including unauthorized access by cloud administrators, exposure in the Internet or rogue employees using the cloud to corrupt or leak sensitive information.
One solution is to keep sensitive data within the corporate data center and put the other application tiers in the public cloud. While this approach works well for some use case scenarios, the latency impact of the "reach back" into the data center can be unacceptable for many applications and users. Moving the entire application to the cloud -- including the database tier -- provides better performance and scalability, but this exposes the application to new potential threats such as those mentioned above.
Encryption is a well-known approach to addressing these types of security concerns. For protection in the cloud, the enterprise needs to encrypt all data and communications. While encrypting the application in the initial environment is usually fairly straightforward, extending that encryption to the cloud creates new security issues that have blocked many cloud deployments. In order to run the application in the cloud, the enterprise needs to deliver the encryption keys to the cloud to decrypt the data. This creates additional risks by exposing the keys in the operating environment. In the worst case, poor encryption configuration and management can expose the corporate data center to threats from the cloud.
-1-
Smart Case Management: Why It's So Smart.
Data Virtualization: Putting Your Data to Work for Your Cloud, BPM, MDM, and SOA Projects
Live Discussion: Smart SOA Governance-A Look at Successful Case Studies
The Right Way to Do Data Integration for Composite Applications
The new frontier for life sciences & beyond: Specializing HPC clusters in the cloud: Part 2 
The new frontier for life sciences & beyond: Specializing HPC clusters in the cloud: Part 1
Disaster recovery virtualization vs. cloud
Five Imperatives for Extreme Data Protection in Virtualized Environments
Business Process Assurance: Ensuring Critical Business Processes Are Executed Without Disruption
Concepts and Considerations in Highly Available Data Storage Design
March 10, 2011
The sixth annual BPM in Action 2011 Virtual Conference will explore cutting-edge market developments in BPM and describe how to leverage them for improved business operation and performance. More
Date:Nov 05, 2009
Time:12:00 PM
ET- (17:00 GMT)
Date:Oct 29, 2009
Time:13:30 PM
ET- (17:30 GMT)
In part two of Joe McKendrick's recent podcast with Miko Matsumura, chief strategist for Software AG, they talk about how SOA and IT systems need to change and grow and adapt with the organization around it.
Listen Now
Phil Wainewright interviews David Vap, VP of products at RightNow Technologies, and finds out how sharing best practices can help businesses understand how best to engage with online communities.
Listen Now
Scott Hebner, Vice President of Marketing and Strategy for IBM Rational, discusses a topic on the top of every company's mind today: getting the most from IT investments.
Listen Now
In BI, this tough economy and the increasing role of Web 2.0 and MDM are certainly topics on people's minds today. WiseAnalytics' Lyndsay Wise addresses each of them in this informative podcast.
Listen Now
Deepak Singh, President and CTO of Adeptia, joins ebizQ's Dennis Byron in a podcast that gets its hand around the trend of industry-specific BPM.
Listen NowSmart event processing can help your company run smarter and faster. This comprehensive guide helps you research the basics of complex event processing (CEP) and learn how to get started on the right foot with your CEP project using EDA, RFID, SOA, SCADA and other relevant technologies. Learn More
A lot of people are talking about Enterprise 2.0 as being the business application of Web 2.0 technology. However, there's still some debate on exactly what this technology entails, how it applies to today's business models, and which components bring true value. Some use the term Enterprise 2.0 exclusively to describe the use of social networking technologies in the enterprise, while others use it to describe a web economy platform, or the technological framework behind such a platform. Still others say that Enterprise 2.0 is all of these things. Learn More
|
|
This new publication from our sister site SearchSOA.com explores workflow, business activity monitoring (BAM) and complex event processing (CEP) issues. |
|
|
