Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Nearly half of IT Directors left out in the cold on virtualisation security

Clavister : 26 March, 2009  (Technical Article)
With over 40% of key IT decision makers being unaware of the specific security conditions for operating in a virtual environment, Clavister releases white paper on the technology
While adverse global economic conditions may be affecting other sectors of the IT market, the virtualization explosion continues. However, in the rush to take advantage of the cost benefits of virtualization, many firms may be compromising their security, according to IP-based security and unified threat management (UTM) specialist, Clavister.

A recent YouGov survey commissioned by Clavister found that more than 40 per cent of IT directors and managers that have implemented server virtualization may have left their IT networks open to attack because they wrongly believed that security was built in.

This lack of understanding is one of the most dangerous misconceptions surrounding virtualization and it was recently highlighted as the target for new security threats by respected analyst firm, Gartner.

Andreas Ã…sander, VP product management at Clavister said: 'Securing the virtual environment cannot be approached in the same way as the physical environment as virtualization offers new points of attack and gives access to a far wider number of applications than a traditional physical server.

"It is vital that IT staff take steps to achieve the same level of security as their physical environment, but by its very definition, the virtual environment is constantly changing and so it is impossible to use the same security solutions.'

The misconception is that everything is secure because the environment is still protected by a firewall but the reality is that this is absolutely not the case. In the virtual environment traffic does not have to leave the virtual infrastructure at all so is therefore not checked and protected by the firewall.

Ã…sander continues: "Problems can come from employees who have direct access that is not protected by firewalls and a worm or Trojan can infect a less secure machine, such as a community portal or forum on the Web server. Segmentation in a physical environment prevents these from spreading but in a virtualized environment you do not have that segmentation so a hacker in your Web system can easily jump over to your financial systems or databases."

Clavister has developed a four step strategy to ensure that the virtual environment is secured:

* Understand how virtualization will affect data security in your new environment
* Incorporate virtualization into your security policy
* Ensure that you know what you need to do to maintain security in a virtualized environment
* Check that you have the right technology solutions in place to meet the needs of your particular organisation and the most appropriate tools and processes for smooth implementation and efficient administration.

For more information on virtualization security you can listen to a podcast with Andreas Ã…sander and download a whitepaper on this much misunderstood technology at the Clavister web site.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo