IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Breach Prevention
#
Cloud Services
#
Virtualisation
Virtualisation provides single point of defence.
Thu, 1st Nov 2012
FYI, this story is more than a year old
By Staff Writer
Follow us

The stellar rise of virtualisation raises interesting and unique security challenges for most organisations. Not least amongst them is the notion that with virtualisation 'all the eggs are in one basket', as many guest workloads that require security may be located on a single host system. This means that if that single host system gets compromised, all the data within the guest operating environments potentially gets lost.

The benefit of a virtualised approach is that although there may be one single point of compromise - the host server - security measures only need to focus on that single host system. Growing up in Scotland gave me plenty of exposure to historic castles. Imagine you are building different walls to protect many different smallholdings. Moving all those environments to a single, large castle means that one can deploy different layers of stronger security at a lower cost and with easier management that maintaining many different fortifications.

For example, a single castle may have an outer wall, an inner wall, a moat, be strategically placed on the landscape and may even have a garrison of soldiers within to patrol the walls: far more security and much easier to protect than trying to defend individual farmhouses in the valley below. Detection of breaches also becomes an easier task. That’s why virtual environments can be made more secure than physical ones - there are more logical boundaries that can be defended than physical ones.

However, securing against intrusion or attack from outside is one thing. More common is attack from within the organisation. It is often accidental but can lead to data loss that is damaging to the business, and sometimes with a crippling effect. Therefore it is also worth considering security in business continuity terms: “What is the financial security of my business in the event of a major data loss?” This loss could be due to malicious intrusion but may be inadvertent deletion, hardware failure or a even natural disaster. Any security plan needs to take these scenarios into consideration.

Auditing and log management for virtualisation infrastructure

Any security plan should also have at least partial emphasis on reporting. In virtualised environments that may encompass intrusion detection systems and anti-malware reporting at the hypervisor level. Equally important is the ability to track changes in the virtual environment and look for patterns that may be indicative of malicious activity or offer signs that data loss may be imminent. In industries with strict regulatory and/or compliance requirements, organisations are well advised to use tools that provide tight administrative control. Audit logs provide forensic information if a breach has occurred.

Being able to identify who did what, where and when can be useful for recognising a guilty party but also provides insight when the security breach is inadvertent. This is not necessarily to apportion blame, but simply to ensure that any outage can be avoided in the future. Monitoring and alerting on the underlying virtual infrastructure might provide early warning signs of an outage, and steps can then be taken to avoid breaches in the future.

Consider the consequences of data loss

In most environments, the risk is less among the virtual machines and more with the basic security controls of the infrastructure itself as well as appropriate reporting and administration solutions.

Tools dedicated to virtualisation in virtual environments make it easier to implement multiple layers of security around one object: the host containing those sensitive guest workloads, rather than around many systems. The flexibility and capability of both virtualisation hypervisor technology and its supporting vendor ecosystems also allow to replicate entire guest workloads from host to host across geographies, and the best virtualisation-dedicated backup solutions allow recovery of individual data items and even entire virtual systems within minutes.

So when considering security for virtual environments take a step back and consider what the high-level goals are: to keep your data securely intact and prevent data loss in all its forms.

Related stories
New report reveals stark divide in global AI progression
How to ensure your finance transformation project is an unqualified success
FPT & NVIDIA partner to develop AI & Cloud services hub
Cognizant & Microsoft deepen partnership to democratise GenAI
Cayosoft reports 56% revenue leap due to AD recovery solution demand
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Dropbox unveils new features for remote work, enhances Microsoft integration