Regular IT guy

Just a guy – talking about technology … in an uncomplicated way.

Menu
  • Contact
  • Speaking
Menu

Succeed in a hybrid world – without losing control of your data

Posted on December 16, 2014 by Rick
Share on Social Media
twitter facebook linkedin email

Most of us who work in IT generally feel pretty good about the physical and logical security of our data and systems when it resides on-premises.  If you can see and touch the systems, it gives you an added sense of security – especially when you have keycards, biometrics or sometimes just a lock on the door. Augmenting this on premises is easy enough, most times with built in tools like BitLocker or certificate services for a variety of solutions that you can employ to data wherever it lies.

But then we add in a Hybrid connection – to someplace else where you don’t have physical access to the host systems, only remote access to your Guest VMs?  Public Clouds like Azure need some extra assistance if you want the warm-and-fuzzy feeling of your VHDs encrypted while at rest. Now what do you do in order to get the warm fuzzy feelings of keeping control of your data?

Full Volume Encryption with Bitlocker requires a TPM or physical access to the system while booting. At TechEd Europe, my friend Bryon Surace had a session talking about a new partner that was onboarded for the Azure called CloudLink.  They make a two part solution that allows you to centrally manage encryption keys used for boot time decryption on Windows and Linux images as well as data volumes you attach to your machines.

It’s really quite cool – and simple.  Once you have established an relationship with CloudLink, you download their “Cloudlink Center” virtual appliance (a pre-configured VHD), deploy it to an Azure VM (create new VM from image) and login to the Management portal. You then install an agent on Windows based servers that interfaces between Bitlocker and their CloudLink server.  Once the machine boots – it shows up in the management console and you authorize it for operation. Apparently, this can also be integrated into native Linux data encryption mechanisms as well.

Check out their quick demo video on how this logically works – a video is worth a couple thousand words. 😉

https://www.youtube.com/watch?v=jXlym7mh4tc&feature=youtu.be

Note: it also works with your Hoster c0-location options as well as in your on-premises Hyper-V and VMware private clouds as well.

Very cool solution.  I know a number of customers I’ve spoken to that could use this to bolster their comfort and security levels – potentially unblocking their plans to integrate Azure and Public Cloud into their environments.

Share on Social Media
twitter facebook linkedin email

1 thought on “Succeed in a hybrid world – without losing control of your data”

  1. Pingback: Happy holidays from the TechNet NZ team! - Microsoft NZ TechNet Blog - Site Home - TechNet Blogs

Comments are closed.

Follow me on Social Media
twitter facebook youtube linkedin

Recent Posts

  • Moved over to Dreamhost
  • Microsoft Azure HPC goodness
  • Whats new in Azure VM Images
  • Whats New in Azure Managed Disks
  • What up with Azure File Sync

Recent Comments

  1. Farhan Sattar on New Year, New Responsibilities
  2. Frederi on Tuesdays with Corey: Seasons Greetings and Until Next Year!
  3. Leon Han on HowTo: Bootable USB Stick for OS Install
  4. Frederi on Tuesdays with Corey: Seasons Greetings and Until Next Year!
  5. Rick Claus [rclaus@MSFT] on Tuesdays with Corey: Seasons Greetings and Until Next Year!

Archives

  • January 2023
  • March 2019
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • March 2014
  • February 2014
  • December 2013
  • October 2013
  • August 2013
  • July 2013
  • March 2013
  • February 2013
  • December 2012
  • November 2012
  • September 2012
  • August 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • June 2011
  • May 2011

Categories

  • Azure
  • Azure 4 ServerHuggers
  • Azure IT Pro News Roundup
  • CH9 Videos
  • CloudOpsAdvocacy
  • Comments
  • Community
  • Debunking Azure Myths
  • Events
  • Helpful Tech
  • How To
  • interviews
  • Microsoft
  • Networking
  • PatchAndSwitch
  • Personal
  • Presentations
  • Security
  • Server
  • TechEd
  • Troubleshooting
  • Tuesdays with Corey
  • Uncategorized
  • Windows 8
  • Windows Server 8
  • Workarounds

©2023 Regular IT guy