Professional Provider of Enterprise IT Solutions

Unitiv Blog

Subscribe to Unitiv Blog: eMailAlertsEmail Alerts
Get Unitiv Blog via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Virtualization Magazine, Sarbanes Oxley on Ulitzer

Blog Feed Post

Top 3 Virtualization Security Issues

virtualization securityVirtualization presents some unique possibilities to IT, but it also presents some unique problems. One of the biggest areas of concern for IT managers and CIOs is the area of security. It isn’t so much that virtual servers are somehow not as secure than other servers; instead, the fact that many applications can run on a single physical server means that the server suddenly becomes a more important security object. Having one physical server which supports one application compromised is concerning; having a server that supports many applications compromised is dangerous.

Here are a few of the key virtualization security issues that matter most to your organization:

  1. Oversight. One of the grey areas that virtualization has created is that of server oversight. Who’s ultimately responsible for virtual servers is sometimes up in the air. While physical servers are, as a matter of course, under the direct purview of the data center, it’s not as straightforward for virtual servers. Whether it’s the business unit that uses the server, the closest IT manager to the actual physical server, or a central system admin, someone needs to have clear authority to act and responsibility to manage the virtual server.
  2. Maintenance. Flowing out of that oversight confusion is the issue of upkeep and patching. Virtual servers tend to be launched and then their image tucked away, and it may or may not be recreated when patches or configuration changes take place. Taking regular snapshots of a virtual server so as to keep current with things like patches and antivirus reduces risk.
  3. Visibility. One of the risks involved with having significant virtualization is that those network controls that used to segment specific applications off due to reasons of compliance and security often aren’t virtualized. Indeed, virtual servers develop something of an invisible network between them, quite apart from the normal firewalling and monitoring controls that take place between physical servers. This, of course, can lead to issues with HIPPA and other security regulations. Compounding this problem is the fact that the virtualization vendors haven’t yet implemented the kind of robust sniffer, tracking, and firewalling tools that the physical server world has.
Virtualized environments can be just as secure as physical server environments, but you need to make sure you’re aware of the unique concerns that virtualization poses.

Read the original blog entry...

More Stories By Unitiv Blog

Unitiv, Inc., is a professional provider of enterprise IT solutions. Unitiv delivers its services from its headquarters in Alpharetta, Georgia, USA, and its regional office in Iselin, New Jersey, USA. Unitiv provides a strategic approach to its service delivery, focusing on three core components: People, Products, and Processes. The People to advise and support customers. The Products to design and build solutions. The Processes to govern and manage post-implementation operations.