Close

Request a demo

CliQr's groundbreaking technology makes it fast and efficient for businesses to move, manage and secure applications onto any private, public or hybrid cloud environment.

CliQr is now part of Cisco Learn More About Cisco
Request a Demo

Tag Archive: cloud security

  1. Guest Post: Getting Into ‘The Cloud’ – A Practical Perspective

    Leave a Comment

    As we’ve all been hearing for the last few years, “The Cloud” is going to revolutionize our lives with scalable, on-demand computing and storage resources to suit all our software requirements. Soon we will require only a simple device to access our digital needs from anywhere in the world, and that ugly beige box under our desks can disappear. As the first generation of applications made its way to the cloud, it seemed as if the promise of the technology may already be a reality – witness Netflix hosting their entire video-on-demand service on Amazon’s cloud. However as user demand grows, and the next generation of software that runs mission critical operations in businesses and healthcare begin their cloud deployments, the situation becomes more complex. Each cloud provider is beginning to differentiate themselves to stand out from the crowd, and the choice of which cloud to host your service on is becoming a significant component of both the technical and business decision making process.

    At Transformatix Technologies Inc., and our subsidiary BioLinQ, we encountered this issue early in the process of porting our software to the cloud. As providers of digital healthcare services, we felt that offering our Continuum suite as cloud based Software as a Service (SaaS) was a straightforward business decision – rapidly scalable, on-demand, and no hardware installation or support issues. As we began our selection of our cloud providers however, we began to see that the picture was not so clear. With four major components of the Continuum suite to port we quickly found that each component had its own unique requirements that resulted in there being no single cloud provider that could deliver optimum performance.

    The Transformatix Continuum components had the following needs:

    A biobank specimen tracking package—24/7 access, fast interface response, but low bandwidth, storage, and computation needs

    A medical data warehousing and collaboration tool—huge storage requirements, high bandwidth for data in, low computation needs

    A medical image sharing and annotation tool—large storage requirement, high bandwidth for data out, global access, moderate computation

    A bioinformatics toolkit—huge storage requirements, intense computation, high bi-directional bandwidth

    Apart from the need for security (HIPAA compliance) each application had widely varying requirements and in our estimation we would need to be using at best two, and likely three, different cloud providers to achieve best results for each component. Making a decision today to hard-wire our apps to any one cloud could significantly reduce required flexibility in the future. How then, to direct our development resources to best provide the Continuum suite as SaaS?

    It was during this dilemma that we encountered CliQr, with their ability to ‘lift and shift’ applications quickly into a cloud, and between clouds. Working with their team, we at Transformatix imported one of our tools to their platform to test, and found that we achieved comparable performance to any dedicated single cloud implementation, with less effort than performing that implementation ourselves. While the ease of implementation was a benefit, it was the ability to shift between clouds quickly, that rapidly became the most useful feature to us.

    With CliQr, as the cost of moving and testing to each cloud was effectively zero.  We began to test each cloud for their applicability for our tools, and in a few weeks had narrowed down the top performers for each tool. We could setup each tool to work with the best provider, and then in the event of an outage failover to the next choice.

    The capability to rapidly test multiple clouds’ performance, and deploy accordingly, is invaluable to Transformatix in ensuring best performance for the customer, lowest cost to us, but also the most important thing – maximum uptime.

    It’s a rapidly changing world, and for Transformatix, it’s clear we need to be moving just as fast to provide the needed capabilities to our customers.

    Paul Reynolds, Ph.D.
    CTO
    Transformatix Technologies Inc
    reynolds.paul@trfx.com

  2. CliQr Completes Security on Public Clouds (Part 2)

    Comments Off

    CliQr’s CloudCenter platform completes the security requirements on clouds by using the mechanisms that clouds provide (see Part 1), and well-known standards-approved third-party technologies to secure applications and data on clouds, ultimately taking this hassle away from the enterprise. While this security is turned on by default, an enterprise can optionally disable some of the features and customize the security settings.

    Here are a few of the important security features that CliQr provides:

    – Data Encryption: CliQr keeps all data in rest and in motion (in transit to/from the cloud or within the cloud) encrypted at all times. CliQr maintains shared cloud storages on a per customer basis that are encrypted using AES-256 at block level. CliQr also provides a secure storage agent that can be used for syncing data to and from these storages. No cloud keys are needed for this and the agent will authenticate over mutual auth SSL with our platform using your unique CliQr credentials.

    – User Authentication/Authorization: CliQr uses SHA-256 with salting to store one-way hashed user passwords in a user database. These passwords cannot be reverse-engineered from the hash. Moreover, the salting prevents dictionary attacks. The user auth module also supports interfacing with third party Single Sign-On (SSO) mechanisms, such as SAML.

    – Key Management: While both cloud-provider keys and CliQr encryption keys are a great way of securing cloud resources, private keys need secure key management. If downloaded by end users to non-secure destinations, such as personal laptops, these keys are subject to being stolen or lost. CliQr does not allow key downloads (unless otherwise requested by Authorized Security Admins) and stores these keys in a secure database vault. Despite the fact that keys are not downloaded, CliQr maintains complete infrastructure transparency and flexibility, allowing end-users to access cloud resources such as VMs and storage using browser-based secure terminals and desktop sessions. The secure database vault is fully encrypted using a key stored in a different security domain such as Hardware Security Module (HSM). Only authenticated users will be able to retrieve their own key without being able to peek into other users’ keys.

    – Application Network Isolation: Depending on the application type, CliQr secures the port and firewall settings for applications so that such VMs cannot be accessed by any third party, whether external or internal to the cloud. Only those ports that are required for application are opened. The strictest settings are chosen by default, with flexibility to modify at application on-boarding stage.

    As noted, security is complex and often the level of complexity is intimidating, preventing enterprises from taking full advantage of the elasticity the cloud provides. With CliQr’s CloudCenter, we aim to break down the barriers of moving to the cloud by providing seamless and secure cloud application management for enterprises.

  3. Can the cloud really be more secure than datacenters?

    Comments Off

    As enterprises continue to rely more and more on software applications to run their core businesses, application and data security are critical for any company. At the same time, security is a complex problem touching all seven layers of the software-networking stack, from physical resources up to application and data layer security. With the multitude of vendors and variables to work with, implementing security is both an intimidating and costly exercise.

    Wouldn’t it be much easier if enterprises didn’t have to worry about security and received a standard security package designed by experts, which took care of all their security needs, including updating and staying current with the latest best-practices? Cloud computing enabled by CliQr does exactly this. CliQr-enabled clouds are even more secure than most datacenters as there is often a piece of the security puzzle that has been overlooked at the datacenter level. Let us begin with cloud security in general.

    Clouds have been developed and designed by companies that host large infrastructures. These companies often use the very same cloud infrastructure to run their core mission-critical applications. Needless to say, these companies have already invested a lot of resources and hired teams of experts to secure their infrastructures. Today’s cloud providers offer very sophisticated layers of security including:

    – Highly secured facilities that host the physical resources

    – Best practice security regulations, configuration control and administration

    – Compliance such as SAS 70 Type II, SOC 1, SOC 2

    – Security audits like PCI, HIPAA, ISO, etc.

    While this takes care of infrastructure layer security, in the interest of flexibility, clouds do not directly implement application and data security, but rather provide the means to complete a business’ security needs on their infrastructure.

    Some ways in which clouds do this are by providing:

    – Secured PKI mechanism for accessing and managing the cloud environments

    – APIs for configuring network firewall settings

    – VLAN constructs for creating isolated private networks

    – Data encryption on storage

    Today it is an enterprise’s responsibility to complete these security requirements on a cloud environment using the above mechanisms and manage the keys securely. In Part 2, I will discuss how CliQr completes this security by taking care of these aspects for the enterprise.

CliQr Technologies, CliQr CloudCenter and CloudBlades are trademarks of CliQr Technologies, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.