Sentrigo has made its database security products available for Amazon EC2.
Sentrigo is looking to bring database security to the cloud by
making its Hedgehog Enterprise and vPatch products available on Amazon
Elastic Compute Cloud (Amazon EC2).
The move is meant to help organizations deal with the compliance
issues posed by storing data in the cloud by providing database
activity monitoring, intrusion prevention and virtual patching.
"It's clear to us that three or five years from now, cloud computing will be a core
of every enterprise IT strategy," said Slavik Markovich, CTO of
Sentrigo. "But for now, organizations still see obstacles to adoption,
and the biggest of those are security and compliance. All the
benefits of cloud computing sound good, but if your applications store
sensitive data, and especially if it is governed by regulations like
PCI-DSS or HIPAA, or SOX, you can't go there yet."
While the cloud doesn't really alter the threat landscape for databases
, the techniques and approaches for securing that data must change, Markovich added.
"Traditional perimeter security models fail, as there really is no
perimeter to protect," he said. "Traditional network monitoring models
fail, as the network topology is highly dynamic and not physically
accessible. Have you ever tried to ship Amazon a security appliance to
install next to your virtual server on EC2? (It) doesn't make sense."
"So, the hacker's life hasn't really changed, but the environment we
are protecting is much more challenging and requires an updated
security approach," he continued. "We think that a distributed
architecture will replace network-sniffing appliances in nearly all
security areas as more and more enterprises move to the cloud."
The company noted that Hedgehog is built on a distributed model
using autonomous sensors to monitor databases wherever they are hosted,
and by packaging Hedgehog into an Amazon Machine Image the products can
be installed on Amazon EC2 in minutes.
"(Enterprises) need to know that the data is safe, and that you can
prove that to your auditors," the CTO said. "For Sentrigo, we have an
architecture that fits perfectly with the cloud, by distributing the
security implementation wherever the servers are, and still managing
and reporting on them centrally from behind your firewall."