Keeping information safe has been one of today's most challenging tasks for IT personnel, as new technologies and solutions evolve and become more widely utilized in the enterprise. Traditionally, chief information officers and other decision-makers could use one physical server to store confidential records and simply limit access to it. Today, with the advent of virtualization, security becomes more complicated, according to an SC Magazine report by Joe Baguley.
Data security used to consist of implementing firewalls around sensitive information. But now that businesses are using desktop and server virtualization to achieve unlimited scalability, reduce IT costs and become more flexible, the threat landscape has changed. The virtualization adoption trend will not slow either, as research firm TechNavio predicts the global enterprise server virtualization market will expand at a compound annual growth rate of 32 percent through 2014. Reducing infrastructure costs will be one of the key drivers for this increase in adoption.
Data protection should still be one of the focal points for any IT department, however, especially as many cybercriminals today can bypass old security tools, Baguley said.
When a company uses virtualization technologies, it no longer makes sense to safeguard physical components, as the critical information is now digital and moving inside virtual machines. Organizations should create security policies that incorporate the hypervisor, or the virtualized environment that exists between the operating system and hardware, as it is the hypervisor's responsibility to take on security, rather than the OS's, Baguley noted.
Advanced threats tend to enter the virtual environment through a single vulnerability, Baguley asserted, meaning that each entity within the architecture constantly needs to have the most up-to-date protective tools applied to it. By taking a data-centric approach to virtualization security, decision-makers can keep sensitive information more secure throughout cloud and other virtual environments.
Unfortunately, many of today's businesses fear technologies they cannot see and touch, making virtualization and cloud computing security major concerns that often slow down technological progress. According to a report by Kuppinger Cole, one of the major inhibitors from implementing virtualized security is a lack of expertise within the workplace.
As more organizations deploy the cloud and desktop or server virtualization, it is important that IT personnel know how to properly secure these environments. Training and education should be at the heart of the process of implementing a new technology.
Virtualization Security News from SimplySecurity.com by Trend Micro