Security Compliance for Cloud Assets
Study after study shows that security is still the biggest barrier to cloud adoption, with compliance and data protection being two of the top concerns for the Chief Information Security Officer (CISO). Enterprises often have a need to enforce policies (based on data sovereignty requirements) that a virtual workloads can only be placed or migrated to specific geography location.
Enterprises need to show the location of the server that the workload is running on, to satisfy the requirements of government and industry regulators. Some others want to launch VMs/Apps/Containers on Servers with Boot Integrity – Platform Trust, while some have a need to extend the chain of trust from platform to workload (VM/Container).
The session featured a customer case study from Visa with technologies from Cloud Raxak (RaxakProtect Security Compliance Platform), Hewlett Packard Enterprise (Helion OpenStack Private Cloud, Proliant Gen 9 servers) , and Intel (CIT, TXT and TPM). The companies demonstrated how Hardware Assured Security Compliance can enable regulated business in financial services, the payment card industry, and retail to achieve continuous compliance with Payment Card Industry-Data Security Standard (PCI-DSS).