HPC in the Cloud

Dedicated to Covering Enterprise & Scientific Large Scale Cloud Computing

 
HPC in the Cloud >> Blogs

Blog: Behind the Cloud

Behind the Cloud | Main Blog Index

July 28, 2010

Digital Breadcrumbs: Audit Trails in the Cloud


Data verification, audit trails, e-discovery, and compliance officers are all terms very familiar to the enterprise  market, and the larger the organization, the more focus there is on ensuring a fully compliant computing environment.   The end game is always the same – ensuring a company that can withstand any kind of public or private scrutiny, and a business that that delivers strong ROI for its stakeholders. 

Most enterprises are required to maintain strict data retention policies for up to 7 years and often beyond.  Still, large companies are not the only ones that are subject to regulation or compliance requirements. Their smaller mid-market counterparts are just as likely to be subjected to strict guidelines and scrutiny when it comes to their backed up and archived data. 

Typically, mid-sized and enterprise organizations can easily prove data integrity and assurance to a compliance officer, auditor or stakeholder, because they can show where their data physically resides and who has direct access to it. The ability to walk an auditor into the server room, show the rack that holds the server drives that holds the organizations data and the “who has access” list has for years been the standard practice for a data audit trail.
      
Now, however, with the emergence of the public cloud, the world of data assurance has dramatically changed.  For example, if an organization were to archive its data to Amazon’s S3 cloud and a year from now needed to provide an audit list, they would find themselves in a precarious situation.  The company couldn’t simply knock on Amazon’s door and ask to see who accessed its data during the last 3 years.   public clouds weren’t  designed for that. They are built to provide easy access to lots of data (securely of course) through multiple tools and points. 

 The ability to audit, or audit ability, is critical and is lacking in the public cloud.

There are 3 key areas that an enterprise needs to assess when they look at utilizing the public cloud to store their data:
 
        1.      Regulatory compliance and the ability to audit their data

        2.      Vendor Lock-in

        3.      Information control and access

Regulatory compliance and the ability to audit data  

Storage and cloud companies are starting to take this matter seriously as they realize that simple data warehousing is not the solution.  The realization is setting in that digital breadcrumbs, and file and session tagging will become the key to enterprises confidently adopting available cloud technologies.  Look for solutions from companies focusing on this space to emerge in 2010, and as they do so, the landscape for data storage assurance will change dramatically. 

Businesses will then flock to the cloud knowing they can store their data in an auditable and compliant manner, and can rest assured that any e-discovery requirements or compliance tests  they encounter can be easily accommodated with confirmed receipt of when the data was stored, by whom and that it has not been touched since the date it was archived.  

Vendor lock-in

Vendor lock-in is always a big challenge for the enterprise and something that always needs to be considered when faced with a purchase decision.  Past situations where companies where forced to pay for years for upgrades and updates to a vendor’s proprietary software is often top of mind of many CIOs and CFOs.  In today’s world with so many choices and a constantly and rapidly changing technology landscape, companies should strive to ensure that they don’t get locked into one particular vendor, particularly when it comes to anything cloud.   Put simply, CIO’s need to ensure that they can easily migrate their data to their vendor of choice, when they want, under terms that are never punitive.  And those operating in the cloud industry and serving the mid and enterprise markets need to be able to provide portability of their stored data from one cloud to another should the customer want this. 

Information control and access

Information control and access have always been requirements within the enterprise network, and most vendors have provided for rich feature sets and capabilities within their data and document management tools.  With single admin access and no advanced capability to tier access to the data, cloud providers are going to need to step up in a similar way if Enterprises are to adopt Cloud storage solutions.  The alternative is for cloud and storage vendors to take this responsibility on themselves and build out their own access management tools that tie into the public clouds.  Look as well to recent industry announcements for advances in the control and access space and for solutions that allow the enterprise to garner the control they need and are accustomed to.

Posted by Joshua Geist - July 28 @ 11:00AM, Eastern Daylight Time

(Digg, Technorati, more)

Discussion

There are 0 discussion items posted.  

Sponsored Links

Joshua Geist

Joshua Geist

Joshua Geist is the founder and CEO of Geminare Incorporated, an innovator in cloud-based enablement technologies for the Recovery as a Service market. Combining a degree in Physics with over 20 years of technology experience, Joshua's passion lies in solving technology challenges for the mid-sized business market.

More Joshua Geist



Recent Comments

Re: Virtualization is Not Cloud...But Does Make It Shine by pcalcada

Re: Virtualization is Not Cloud...But Does Make It Shine by miha123

Re: Virtualization is Not Cloud...But Does Make It Shine by dparrilla

Re: Virtualization is Not Cloud...But Does Make It Shine by Scott

renewable energy powered IT by Paul Halsey

Re: HPC, the Cloud, and Core Competency by Scott

I agree with Scott by null

Excellent post Miha! by apurkiss

Cloud Adapter by miha123

Fresh air at Univa by miha123

Re: Elite HPC and the Cloud Culture Clash by Badri

Consistent with what I've been seeing by rgillen

Presentation available by in_the_crease

IB EDR is 104Gb/s by in_the_crease

IB EDR is 104Gb/s by in_the_crease

Of a simple number and overflow by Wolfgang Gentzsch

Of Number and Overflow by jbernstein

Parallelism by Scott

ISV part 2 by ScottClark

ISV part 1 by ScottClark

Impact on the ISV community? by peterdenyer

Parallelism by Ron Van Holst

Why we chose Cloud Computing (part 2) by JonathanWeedon

Why we chose Cloud Computing (part 1) by JonathanWeedon

about vmware by faheem

Feature Articles

On Par for 2 Billion: 3PAR Discusses Cloud Strategy

Storage vendor 3PAR has been at the heart of an intense bidding war between HP and Dell due to its unique refinements and developments in virtualized storage platform concepts. Thin provisioning and a focus on the needs of large-scale enterprises and cloud providers have catapulted the company into the public eye but as 3PAR's Craig Nunes discusses with HPC in the Cloud, the cloud strategy has been consistent since 1999--even if the world is just taking notice now.
Read More...

Busting the "Cloud in a Box" Myth

The concept of private clouds is gaining traction and due to the buzz, more enterprises are taking a much closer look at the possibility—if they haven’t taken steps to virtualize some or all of their infrastructure already. For those who have not yet made the transition, a lack of understanding of the complex process behind private cloud implementation is at the core of hesitancy, therefore vendors are looking for ways to convince users to fear not, the private cloud is not only within reach—but simple to step into.
Read More...

Achieving Ultra High Performance in the Cloud

Companies in competitive domains, such as financial services, create large data repositories containing significant amounts of data collected from daily operations. Using supercomputers to analyze these massive datasets might yield the highest level of performance, but this is prohibitively expensive. Using proprietary, custom-built HPC atop cloud environments is also a viable option--although one that does come with a series of drawbacks that must be mitigated to achieve critical performance levels.
Read More...

Around the Web

Application Flexibility and the New Enterprise Architecture

Aug 31 | Application delivery strategies must be shaped with flexibility in mind as the number of platforms delivering core applications is bound to change with time. Since a greater number of devices and platforms are entering the infrastructure mix, those who do not adapt quickly face being locked into strategies that do not mesh well with new developments. Read more...

A Maturation Stage for Storage Virtualization

Aug 27 | Storage virtualization has been gaining momentum as it moves from concept to practice but some suggest the offerings in this realm have not matured sufficiently and require a longer maturation process before wider adoption occurs. Read more...

HP Seeks to Boost Cloud Service Automation Capability

Aug 27 | Although it was lost in the chaos of the 3PAR bidding war between, HP announced news that it acquired cloud service automation firm Stratavia to bolster its cloud management offering and further its strategy in the arena. Read more...

NASA CIO Weighs in on Nebula, Public Clouds

Aug 26 | In an interview from the NASA IT Summit last week, the agency's CIO, Linda Cureton weighs in on developments with Nebula platform and the adoption of the open source code by other agencies looking to the cloud. Read more...

Facing the Realities of Private Cloud Building

Aug 24 | While private clouds are getting far more attention than they received at the beginning of the cloud buzz boom, the realities of the complexities of actual building them--not to mention the financial and time investments--are often overlooked. Read more...

Featured Whitepapers

Increase IT Performance from the Enterprise to the Cloud with WAN Optimization

Aug 30 | | Enterprises face a paradox today: while workers become increasingly distributed, IT infrastructure is rapidly consolidating. Virtualization has made it possible to create consolidated, elastic pools.

Grid Computing in the Cloud White Paper

May 14 | | Empower business users, scientists and researchers with their own grid computing infrastructure in the cloud.

Multimedia

Webcast: Storm Clouds - Security Issues in the Cloud and How to Address Them

This Webinar will highlight the four critical areas of concern when securing cloud infrastructure services and managed enterprise applications.

Webcast: Confronting HPC Cloud Computing Security Concerns

Escalating energy and operational costs of building and maintaining data centers are forcing enterprises to adopt cloud computing models. But are Infrastructure as a Service (IaaS) solutions like IBM's Computing on Demand (CoD) really cost effective? Join the discussion as industry experts discuss how you can exploit cloud computing for maximum ROI.

Blogs by Topics

Blogs by Author

Cloud Blogroll



Featured Events

Cloud Expo Live
High Performance Computing Financial Markets
2010 Cloud Computing Conference
Cloud Summit
SC10
  • November 13-19, 2010
    SC10
    New Orleans , LA
    USA

Home | Around the Web | Features | Blogs | HPC Cloud Markets | Events | Job Bank | About HPC in the Cloud | Contributors | Editorial Calendar | Reprints | Site Map | Write for Us | Multimedia | Subscrbe | Virtualization | Networking | Public Clouds | Private Clouds | Storage | Research | Applications | Cloud Management | Security | Standards | Compliance | Datacenters | Hardware | Backup / Recovery | Vendor News | Use Cases | Other Topics | Whitepapers
HPC in the Cloud
Tabor Communications
Tabor Communications