Is virtualization risky?

becker

 

A former IT staffer pleaded guilty to using a secret vSphere console to wipe out 15 VMware hosts running 

multiple servers each.

http://www.itworld.com/it-managementstrategy/194445/fired-techie-created...

 

Doesn't this prove that virtualization carries greater inherent risks than had the techie been forced to log in to 100 servers individually, rather than only 15 host servers?

 

Tags: VMWare
Answer this Question

Answers

2 total
jimlynch
Vote Up (17)

I agree with jlister. It seems to me that the incident you mentioned was not necessarily due to virtualization. I think it happened because of poor security practices by that particular company.

There are too many advantages to virtualization to let an isolated example like that determine a company's policy.

VMWare has an interesting page up that covers some of the advantages of virtualization:

Virtualize Your IT Infrastructure
http://www.vmware.com/virtualization/

jlister
Vote Up (14)

The problem wasn't that virtualization was inherently risky; it was that this criminal needed to have more oversight at work, and when he left, all the passwords should have been replaced so he couldn't login to any server, physical or virtual. As for the secret vSphere console, there should be some kind of mechanism for network admins to track the installation of the vSphere console anywhere on their domain.

 

I'm glad they caught the guy. He sounds like a real jerk.

Ask a question

Join Now or Sign In to ask a question.
The latest release of Oracle's software for managing virtual machines offers the same set of features to Sparc users as to those who manage virtual machines on x86 servers.
VMware is for the first time inviting anyone to beta test the next version of vSphere, the company's virtualization platform.
Oracle has just released its Communications Application Orchestrator designed to address the Network Functions Virtualization (NFV) requirements for communications service providers. Virtualized infrastructures are increasingly popular, both in the enterprise and in service provider infrastructures. Oracle's new solution is also designed to work with Oracle Communications Core Session Manager, a solution that helps CSPs virtualize network infrastructures to support NFV efforts.
Pluribus Networks lets Arrow spearhead server/switch hardware sales while it focuses on network hypervisor software.
PLUMgrid brings cloud networking to OpenStack, lands another $16M in funding and wins over Swisscom.
Some developers have turned to MIDI devices, for fun or relief, to write software
As if tracking down bugs in a complex application isn't difficult enough, programmers now must worry about a newly emerging and potentially dangerous trap, one in which a program compiler simply eliminates chunks of code it doesn't understand, often without alerting the programmer of the missing functionality.
One of the better-known remote-desktop clients for the iPad, Parallels Access, has expanded into the iPhone and Android spaces with Parallels Access 2.0, including special access controls for businesses, too.
Code from the very early days of Simula, the first OO programming language, has surfaced
Docker 1.0 has officially arrived, giving organizations a proper chance to use the emerging cloud technology to create and run applications with even more agility.