ESG analyst Ogren says the sheer complexity of managing multiple encryption keys will be a major headache for users of virtualization. Key management has already been highlighted as a challenge by CIOs encrypting physical data, and Ogren warns that virtual machines give users even more keys to worry about. (See Orlando, Observed and Security Smorgasbord on Show.)
"The challenge is using keys to manage different applications running on the same machine," he says. "The big thing is working out how the keys interrelate -- how do you modify keys and change them as the system goes forward?"
The analyst warns that this is particularly tricky in the medical sector, where some records may need to be kept for 100 years, while others may only need to be kept for much shorter periods. Data lifespans also are subject to changes in compliance regulations such as the Health Insurance Portability and Accountability Act (HIPAA). (See Retention Rules Set to Change, Top Tips for Compliance , and Content Capture Considered.)
Vendor Neoscale has attempted to address the multiple key issues by teaming with Symantec, Optica Technologies, and Entrust to create software that manages encryption keys from different vendors. (See Multivendor Management Locked Up, All Keyed Up With NeoScale, NeoScale Centralizes Management, and NeoScale Faces Up to 4-Gig Encryption.)
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
