Recently, Ken Kartsen, Vice President of Federal Sales at McAfee, sat down with the editors of Iron Bow’s TechSource to talk about how to embrace new technologies and all the advantages they bring against the inherent security risks. As well as giving a brief ‘state of the union’ on the state of cybersecurity and cyber readiness in 2013, so far, Kartsen shares his insights on how government agencies are dealing with the challenges presented by virtualization, mobility, BYOD.
We’ve included a brief excerpt below, but for the full interview click over to TechSource.
We hear public sector IT managers discussing their virtualization implementations as essential for continuity of operations, telework, data center consolidation and other initiatives. What security concerns come with the benefits of virtualization?
Many of the biggest issues facing virtualization initiatives are based in function, not security.
Customers demanded security platforms for virtual machines, and the security industry moved quickly to ensure that customers can accomplish what they’re looking to achieve – fast-moving virtual machines that are secure.
However, this means securing each individual endpoint. This has led to the creation of hypervisors and other technologies that ensure security is embedded in virtual machines without having to install it on each individual virtual endpoint.
What about cloud solutions? Are security issues keeping the federal government from moving to the cloud?
We’re continuing to see customers move in the direction of the cloud, but it’s a slow process. And we’re getting closer and closer to the time when Google, Amazon and other cloud providers have important functions within the federal government. However, to combat security issues, we’re seeing the defense and intelligence industries embrace private clouds.
Ultimately, clouds are based in data centers, so securing the cloud is more about securing the data center. In addition, when dealing with the cloud, organizations need to focus on identity management; when people connect to the cloud, the cloud needs to ensure that the person is exactly who they say they are.
The perfect solution is security embedded in both the hardware and the software. This would ensure that when an individual accesses the cloud, they can ensure the integrity of who the person is and identify what data they should be able to access.