One of the factors stunting the development of hybrid clouds is the degree of exposure that's created when companies move corporate data and legacy applications over the Internet to a public cloud location. A young company, Virtustream, announced at Structure 2012 in San Francisco that its second generation xStream product will coordinate public and private cloud communications behind three layers of encryption.

Virtustream requires all messages to be sent via a VPN or multiprotocol label switching (MPLS) tunnel for encrypted communications. It requires the data to be encrypted before being sent and invokes the Trusted Execution Technology function on Intel chips that verify the integrity of a key used to encrypt the rest of the message.

Virtustream was cited as a factor in helping some large companies adopt hybrid cloud computing in a "Why CIOs Are (Finally) Getting Over Cloud Phobia" session at Structure 2012 in San Francisco Wednesday. The speaker was Joseph Coyle, CTO of systems integrator Capgemini, who termed Virtustream a "pioneer" in cloud software.

Virtustream CTO and co-CEO Kevin Reid said in an interview that adopting xStream 2.0 will allow companies to meet strict security standards, such as the Defense Department's DIACAP and ICD 503 standards as well as the credit card industry's PCI and federal government's FISMA standard, while running their workloads in the public cloud.

"We are a significant step up in security and compliance from a normal public cloud offering," he said.

[ Learn more about using micro-VMs to boost security. See Startup Taps Virtualization To Stop Security Threats. ]

Virtustream created its management software by first offering infrastructure-as-a-service for legacy systems from its own data centers. It then created a software product, xStream, out of its management systems for customers' use in building on-premises clouds in their own data centers, Reid said. With xStream 2.0, it is claiming to offer an advanced degree of secure joint operation of public and private clouds. The public cloud at this time will be Virtustream infrastructure, available through its data centers in North America, Europe, and Asia. Reid said Virtustream will soon offer its management software to other public cloud service providers.

XStream 2.0, still in beta, will become generally available in August. It will be offered as packaged software, a standalone appliance, or a managed service in the cloud.

Virtustream is seeking a patent on a micro hypervisor that it uses to subdivide a cloud workload, running each part in its own micro-VM. By doing so, it can track the use of each particular resource, rather than charging by the hour for a virtual machine that's presumed to use a combination of networking, CPU, memory, and storage. "The bill is calculated on resources used, not hours used," and comes closer to allowing the customer to pay only for what's been used, he said. In some cases, customers will save 25% on what they would pay for the more generalized, per-hour use of a Xen, ESX Server, or Hyper-V virtual machine, he added.

Virtustream's xStream has been on the market for three years. Its 500 customers include Domino Sugar, Allied Irish Bank, Diesel Direct, Marine Resources Group, and Digital Chocolate.

Virtustream recently closed a second round of funding with Columbia Capital, Intel Capital, Noro-Moseley Partners, QuestMark Partners, TDF, and Top Tier Capital Partners, bringing its total venture funding to $75 million.

Geared specifically toward the federal government, its agencies, and third parties, FISMA is a set of requirements aimed at establishing a baseline level of computer and network security. In our FISMA Lifts All Compliance Boats report, we show that when you reach FISMA compliance, you'll likely be compliant with just about every security mandate out there. (Free registration required.)