By design, the customer controls the keys to the encrypted data. From there, it's up to the enterprise to choose whether to deploy a key management product on premises or use a third-party key management service.
The two depths of security that come into play for virtualized networks (whether private, public, or public and private) address virtual machine security.
"Sometimes the enterprise security team doesn't have a say in how virtual machines get spun up within a provider's cloud. But they should, because that is a fundamental point of security in the cloud. You want to push to make sure your security policy travels with your virtual image no matter where it is running," says Rand Wacker, vice president of products for CloudPassage, a cloud server security vendor.
NJVC's Jackson says Intel's Trusted Execution Technology (TXT) could help IT departments in the near future with the basic issue of being able to trust the servers running your applications in the cloud. TXT is a hardware-based security measure built into all Intel Xeon servers and designed to detect and prevent BIOS attacks and evolving forms of stealthy malware, such as rootkits.
The main benefit, Jackson says, is an understanding that your virtual instances will be spinning up on a trusted machine.