The dark side of the Cloud: Eyjafjallajökull eruption (thanks Ole-Kristian Sivertsen, RES)

At Synergy 2011 I made the case that the biggest barrier to the adoption of service-provider-offered cloud services is the (understandable) lack of trust on the part of enterprise customers. Clouds are viewed as risky, and potentially insecure, at a time of rising cyber-crime, and there is also the issue of reliability. Here’s a quick summary:

  • I challenged the perception that enterprises are more vulnerable to infrastructure failure when using cloud-based services than if they build their own private clouds. The opposite is in fact true. Any credible cloud provider will do a better job of running their infrastructure via automation than a human-powered IT org. The most successful cloud service providers will be those that can assemble the skill-set required to develop the complex software needed to correctly automate the delivery of services across hundreds of thousands or millions of components – much like the few successful vendors of complex systems such as jet airplanes. Small providers that simply purchase software from an enterprise software vendor, without a deep understanding of its capabilities and limitations, will do no better than the average enterprise IT shop in delivering highly available infrastructure. I recommend that customers use two vendors of cloud infrastructure (whether for building their private clouds or when selecting service providers) to mitigate the risk of failure of any one. Finally, we need a new focus on the architectural principles of application design for the cloud, to ensure that apps are robust to the effects of infrastructure failures.
  • I believe that cloud providers need to create an organization with a charter similar to that of the FAA in the air travel industry: independent oversight of cloud services to ensure that customer concerns for safety and security are the foremost concerns of their providers.
  • I think that the network layer is in reasonably good shape, other than the lack of security in many Internet protocols (such as BGP) and over-reliance on manual procedures. (For attacks see here.) You might therefore want to use a dedicated link to your cloud provider, and your traffic should always be encrypted in flight. I also showed how Citrix can help to “enterprise up” the cloud via its adoption of Open vSwitch in XenServer and with its rich cloud-centric networking portfolio, including:
    1. NetScaler Cloud Bridge to securely connect the enterprise private cloud to provider-operated infrastructures,
    2. NetScaler Cloud Gateway for SSO and secure employee access to any cloud service used by the enterprise, and
    3. NetScaler MPX, SDX and VPX to protect and secure the delivery of desktop, enterprise web or SaaS-based services to employees or customers over any network.
  • While CIOs have many valid concerns about the security of their data in third-party clouds, I do think we (collectively) understand how to address most of them at a technical level. Fears are always hard to change, and if we are going to make progress we have to openly and actively work to give customers confidence. It is not unreasonable to expect that customer data is encrypted at all times in the cloud, other than when it is being processed by a known-good application/workload. Crypto must be managed using keys provided by the enterprise or a trusted third party (not the provider). TPM/TXT-facilitated attestation of the correct posture of the infrastructure itself, combined with fast crypto and well-established procedures for key management, are fundamental requirements.
  • Finally, I observed that the majority of attacks on enterprise infrastructure occur via compromised enterprise clients. I cited by way of example the recent RSA attack and the first Chinese attack on Gmail. You can’t protect your cloud unless you protect your clients, so the same infrastructural requirements apply to enterprise clients: TPM/TXT-based attestation and continuous protection of the computing environment, encryption at rest for all data, and granular isolation of employees’ personal and corporate activities, such as that afforded by XenClient, can help to reduce the attack surface.
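The fourth point above, that data should stay encrypted in the provider's hands and that the keys must come from the enterprise or a trusted third party rather than the provider, can be shown in code as envelope encryption with a tenant-held key-encrypting key. The following is an added example written for this page; it is not Citrix or Bromium code and the author's keynote contained nothing like it. It assumes a hypothetical `TenantKMS` type standing in for the enterprise's own HSM or a third-party key service, uses a constructed sample record, and does not model the TPM/TXT attestation step, which would gate release of the key to a known-good workload.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// TenantKMS holds the key-encrypting key (KEK). Assumption for this example:
// it stands in for the enterprise's HSM or a trusted third party's key service.
// The provider never receives the KEK, only data keys wrapped under it.
type TenantKMS struct{ kek []byte }

// NewTenantKMS generates a fresh 256-bit KEK.
func NewTenantKMS() (*TenantKMS, error) {
	kek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, kek); err != nil {
		return nil, err
	}
	return &TenantKMS{kek: kek}, nil
}

// aeadSeal encrypts with AES-256-GCM and returns nonce || ciphertext || tag.
// aad is authenticated but not encrypted; it binds a blob to its context.
func aeadSeal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// aeadOpen reverses aeadSeal; any change to key, blob or aad makes it fail.
func aeadOpen(key, blob, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// StoredObject is everything the provider holds for one object at rest.
// Neither field is useful without the tenant's KEK.
type StoredObject struct {
	ObjectID   string
	WrappedDEK []byte // per-object data key, encrypted under the KEK
	Ciphertext []byte // object data, encrypted under the data key
}

// EncryptForCloud runs inside the enterprise (or a known-good workload) before
// data leaves for the provider: a fresh data key per object, wrapped by the KEK,
// with the object ID as associated data so a blob cannot be re-labelled.
func EncryptForCloud(kms *TenantKMS, objectID string, data []byte) (StoredObject, error) {
	dek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return StoredObject{}, err
	}
	ct, err := aeadSeal(dek, data, []byte(objectID))
	if err != nil {
		return StoredObject{}, err
	}
	wrapped, err := aeadSeal(kms.kek, dek, []byte(objectID))
	if err != nil {
		return StoredObject{}, err
	}
	return StoredObject{ObjectID: objectID, WrappedDEK: wrapped, Ciphertext: ct}, nil
}

// DecryptWithKEK is the read path. With the tenant's KEK it recovers the data;
// with any other key (the provider has none) it fails, and it also fails if the
// stored object was swapped under a different ID or tampered with.
func DecryptWithKEK(kek []byte, obj StoredObject) ([]byte, error) {
	dek, err := aeadOpen(kek, obj.WrappedDEK, []byte(obj.ObjectID))
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return aeadOpen(dek, obj.Ciphertext, []byte(obj.ObjectID))
}

func main() {
	kms, _ := NewTenantKMS()
	// Constructed sample record; not real customer data.
	obj, _ := EncryptForCloud(kms, "payroll/2011-q2.csv", []byte("constructed sample record"))
	pt, err := DecryptWithKEK(kms.kek, obj)
	fmt.Printf("tenant read: %q err=%v\n", pt, err)
	_, err = DecryptWithKEK(make([]byte, 32), obj) // provider-side attempt, no KEK
	fmt.Println("provider read:", err)
}
```

The provider stores `StoredObject` and can serve it back, replicate it and bill for it without ever being able to read it; the only moment plaintext exists is inside `EncryptForCloud` and after a successful `DecryptWithKEK`, which is the "known-good workload" window the text allows for.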

Whether you cast these challenges into the context of the consumerization of IT, cloud computing, desktop virtualization, data loss prevention or a broader lack of security, the technological challenges remain the same. There is an urgent need to dramatically shift the odds in favor of the good guys, and I remain firmly of the view that virtualization can offer a new toolset that can help to deliver a more secure and trustworthy computing infrastructure. So much so that, with the goal of delivering trustworthy infrastructure for the cloud era, Ian Pratt and I have announced today that we are leaving Citrix to join Gaurav Banga (the creator of Phoenix Hyperspace) to co-found a new company, Bromium, Inc.

Bromium is not ready to disclose its technology or products. We are fusing deep virtualization and security systems DNA to build a powerful set of tools that can offer continuous endpoint protection. Bromium does not intend to compete with any virtual infrastructure or security vendor. There is much more to tell, but we have a lot of work to do first.

Bromium is proud to have as investors Andreessen Horowitz (board member: Peter Levine), Ignition Partners (board member: Frank Artale) and Lightspeed Venture Partners. We are also proud to welcome George Kurtz, Worldwide CTO and EVP at McAfee, as a board member. Ian and I will remain active in our stewardship of, contribution to, and promotion of the key building blocks of open infrastructure, including the Open Networking Foundation and other projects. Bromium will remain in stealth mode for some time, but we are actively recruiting gods and goddesses of deep systems software and security to join our teams in Cupertino, CA and Cambridge, UK.

It has been an enormous privilege to serve Citrix, its partners and customers for the last four years – without doubt the most enjoyable of my career. Amongst you I count the closest of friends and best of colleagues. I know that we will remain close, and believe there will be many opportunities to continue our journey together. It has been a privilege also to partner with great companies such as Microsoft, and to compete head to head with other industry leaders: competition keeps us all on our toes and drives innovation, which in turn delivers value to our customers.

I look forward to continuing to learn from the virtualization and cloud community, and will occasionally set myself up for a take-down, here or on Twitter.