Cloud Security Summit: The Trend Micro perspective

I’m blogging this morning from CSO’s Executive Seminar Series on Securing the Cloud in Santa Clara, Calif., where security practitioners have gathered to discuss their greatest risks and how to overcome them.

Next up on stage: Dan Reis, director of U.S. product marketing for Trend Micro. The vendor’s moves in cloud security have been extensive of late. In March, during a visit to CSO’s office in Framingham, Mass, CEO Eva Chen explained why she sees cloud computing as one of the biggest security enablers of all time.

Sign up today.

Get your morning news fix with the daily Salted Hash e-newsletter!

Of two product announcements Trend Micro made at the time, Chen said her company’s strategy is to help enterprises benefit from virtualization and cloud computing without bruising their security. Trend Micro unveiled SecureCloud 1.1 for enterprise data protection through encryption in the cloud, and Deep Security 7.5 Update 1.

Here’s a more technical description of the product releases, pulled from the materials Chen brought along:

Trend Micro SecureCloud enhances and extends the customer’s security and data protection as it evolves from virtualization to private and public clouds. Through the use of encryption and policy-based key management, SecureCloud protects data in the cloud and allows the flexibility to move between cloud vendors without being tied to any one provider’s encryption system.

SecureCloud gives control over how and where data is accessed by authenticating the identity and integrity of servers requesting access to secure storage volumes. It defends information against unauthorized disclosure or theft, helps ensure compliance with encryption requirements and automatically facilitates the release of encryption keys.

Advances delivered in this latest SecureCloud release give enterprises additional control over their cloud data. Now customers can manage their encryption keys for Amazon EC2, Eucalyptus and VMware vCloud environments from Trend Micro’s hosted SecureCloud service or from a SecureCloud key server running in their own physical data centers.

Trend Micro Deep Security provides advanced protection for virtualized systems. The current version of Deep Security announced in August 2010 (please see press release here) added agentless anti-malware to an array of other specialized security technologies comprising IDS/IPS, web application protection, firewall, integrity monitoring and log inspection modules. Deep Security is tightly integrated with VMware vShield Endpoint, thereby allowing Trend Micro to provide anti-malware and intrusion prevention for VMs in an agentless manner without requiring a third-party agent to be installed on each VM, thereby consuming fewer VMware vSphere system resources and enabling higher VM densities.

In his talk, Reis covered the following ground:

Cloud security should, among other things

–Encrypt data

–Manage encryption keys

–Authenticate servers requesting data access

–Audit, alerts and reports on key delivery services

Things to worry about with cloud computing

–Who can see your information?

–Where is your data traveling?

–Who is attaching to your volumes?

–What happened when you weren’t looking?

–Are you locked into a single security solution?

–Who has access to your keys?

–Are your security devices recycled securely?

All questions companies will continue to grapple with for some time to come.

–Bill Brenner

one-stop view of latest business threats. We created it for you! Bookmark it! Use it!

CSO’s Daily Dashboard gives you a