About the organization
Intility is a complete multi-cloud platform service utilized by more than 600 companies across 2000 locations in Norway and around the world. Intility offers unlimited and scalable access to compute, storage, network, as well as integrated tools for productivity, security and mobility. Intility’s goal is to act as a catalyst for companies that want to exploit the power of technology in order to increase their own productivity and competitiveness.
The challenge: Securing Virtual Machines and Master Key
Intility instantiates many and diverse virtual machines (VMs) for its clientele across a wide geography, as a cost-effective way of deploying servers. As a cloud service provider, Intility needed to ensure that its clients’ VMs and the applications and data contained within are secure against external and internal threats. An intruder or malicious administrator could make a copy of a VM, steal it away from the data center, and boot it up in another environ- ment to access clientele information.
In order to raise the virtualization security bar, Microsoft Windows Server 2016 introduced the concept of Guarded Fabric to increase the security of Hyper-V Virtual Machines (VMs). Intility implements Microsoft Guarded Fabric to protect and secure mission critical systems, custumer data and services. A Microsoft Guarded Fabric consists of a Host Guardian Service (HGS) comprised of the Attestation Service and the Key Protection Service, a Guarded Host and a Shielded VM. The Key Protection Service stores and protects the master key in soft- ware. For enhanced security purposes, Intility wanted to deploy hardware protection for the master keys used by the Host Guardian Service. Intility was looking for a hardware security module that was both cost-effective and easy to deploy.