Alliance addresses cloud computing's missing ingredient
Harris-led teams work on technologies to ensure security of agencies' data
- By Rutrell Yasin
- Mar 16, 2011
An alliance spearheaded by Harris Corp. aims to accelerate adoption of cloud computing by addressing a primary concern of many government agencies and enterprises: trust.
Harris is working with RSA, the security division of EMC, and the Virtual Computing Environment Company (VCE) to jointly develop and market trusted, multitenant cloud solutions to speed up adoption of cloud infrastructure-as-a-service offerings. Multitenant solutions are designed to provide high levels of isolation to the tenants, quality of services and enhanced security throughout a shared environment.
The Harris Trusted Enterprise Cloud is now fully operational and is being scaled to meet the requirements of government and enterprise organizations. The Harris Trusted Enterprise Cloud will be officially launched in May at Harris’ Cyber Integration Center in Virginia, a state-of-the art next generation facility.
Administration releases federal cloud strategy
NIST guide tackles security challenges of public cloud computing
“The whole issue of 'How much do I trust the cloud?' is the single largest impediment, at the end of the day, to [government agencies’ and enterprise organizations’] migration to the cloud,” said Wyatt Starnes, vice president of Advanced Concepts for Harris’ Cyber Integrated Solutions.
Harris and its partners plan on delivering a higher degree of trust where security is one component along with availability and latency of services, he said.
Harris has a long tradition working with government and is looking to offer civilian and defense agencies IaaS offerings, a cloud delivery model in which users can access on-demand processing, storage, networks and other computing resources.
The Defense Information Systems Agency offers DOD users IaaS services via the agency’s private cloud, known as the Rapid Access Computing Environment. However, Harris is not looking to compete with DISA, which has a very specialized audience for its offerings, Starnes said. However, certainly Harris would like to draw in DOD agencies, he said.
There is a lot of interest in how to get civilian and DOD agencies into the cloud, with some people thinking that price is a major hindrance, Starnes said. However, he said\ he thinks the main reason is to what degree organizations can trust that their secure, confidential – and sometimes classified – data can be secure in someone else’s environment.
“We are seeking to set the bar high to attract [those agencies] setting on the side lines,” Starnes.
As part of the strategic alliance, development teams from Harris, RSA and VCE plan to integrate patented Harris trust enablement technologies with VCE’s Vblock Infrastructure Platforms, an integrated IT offering that combines virtualization, networking, storage, security and management technologies. VCE is a converged infrastructure product and solutions company formed by Cisco and EMC with investments from VMware and Intel.
When fully integrated with the Vblock platforms, Harris Trusted Enterprise Cloud will provide continuous monitoring, assurance and certainty that the software and configurations in the cloud environment are deployed and operating according to specification and have not been compromised.
VBlock is essentially a cloud building block, Starnes said. In order to properly use it, Harris and its partners have to infuse new levels of capabilities into the cloud to improve trust in the platform.
Harris is paying close attention to the development of government regulations and security programs related to the cloud, such as the Federal Risk Authorization and Management Program (FedRAMP), a governmentwide authorization and accreditation program scheduled for release this summer.
In some respects, Harris is out in front of some these efforts, Starnes said.
“We are deploying the facility as Security Content Automation Protocol (SCAP)- compliant,” he said, which means that the Cyber Integration Center and Harris Trusted Enterprise Cloud adhere to the latest National Institute of Standards and Technology and National Security Agency security content automation protocols.
“That is the next wave of certification and accreditation in the cloud that gives the Harris Trusted Enterprise Cloud configuration and vulnerability management in an automated way,” he said.
Additionally, Harris is tracking how the Obama administration’s cloud-first policy will impact agencies. As part of the Office of Management and Budget’s 25-point plan for IT reform, agencies have to move three applications to the cloud within 18 months.
Harris officials are very sensitive about agencies' concerns regarding what applications to move and when is it safe to move them to the cloud. Harris hopes to reduce some of the perceived and actual hurdles by building a higher standard of assurance, compliance and security into its cloud platform, Starnes noted.
Other players in the field also are fortifying their cloud platforms.
For example,Verizon in January agreed to acquire IT and cloud services company Terremark Worldwide. Verizon plans to provide its enterprise and government users with secure, scalable on-demand solutions through a unified enterprise IT platform.