Professional Provider of Enterprise IT Solutions

Unitiv Blog

Subscribe to Unitiv Blog: eMailAlertsEmail Alerts
Get Unitiv Blog via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Virtualization Magazine, Desktop Virtualization Journal, Security Journal

Blog Feed Post

Five Security Principles for Virtualized Environments

Virtualization has created a much more efficient environment for our technology, but raised some new types of security risks

Over the past decade, we’ve become much more robust in our approach to information security. We recognize that our company’s largest vulnerabilities have to do with its computer systems, and that data security is at the core of loss prevention, disaster recovery, and even normal operations.

Virtualization has created a much more efficient environment for our technology, but it’s also raised some new types of security risks. If you’re going to keep business running as usual and keep it secure, you need to know how to mitigate some of these risks.

Here are some things to keep in mind when considering security and your virtualized environment:

  1. Virtualization is not, in itself, necessarily insecure. It’s not the virtualization technology that creates risk; rather, it’s the way that virtualized applications and workloads are being implemented and deployed that creates the problem.
  2. Security should be part of the discussion from the beginning. According to one Garter survey, as many as 40% of virtualization projects didn’t look at the involvement of the security team until after the initial planning and design stages were well underway, or even complete.
  3. The hypervisor is the area of the most potential risk. The hypervisor has the ability to oversee multiple workloads on a single physical server. In the past, a threat that occurred to one physical server only threatened one workload. Now, a threat to one physical server threatens many workloads.
  4. Workloads should be consolidated in line with trust levels. Whenever possible, you want to build a security architecture that is able to address both physical and virtual environments with the same security policies and reporting.
  5. Even simple security issues like antivirus scheduling are part of the virtualization discussion. For example, if you simply accept the default scanning times for server instances, you might have a number of virtual servers all decide to scan for viruses at the same time and wind up with a significant overload on the physical machine.

Virtualization providers are well aware of the kinds of implications that the technology has on security, and as time goes on they’re providing more and better tools to handle these complex concerns.

Read the original blog entry...

More Stories By Unitiv Blog

Unitiv, Inc., is a professional provider of enterprise IT solutions. Unitiv delivers its services from its headquarters in Alpharetta, Georgia, USA, and its regional office in Iselin, New Jersey, USA. Unitiv provides a strategic approach to its service delivery, focusing on three core components: People, Products, and Processes. The People to advise and support customers. The Products to design and build solutions. The Processes to govern and manage post-implementation operations.