Server Virtualization: Top Five Security Concerns
In surveys of senior-level IT managers, security is consistently one of the top five concerns, along, specifically, with security related to the hot technology of the moment. Most recently those worries have included social-networking technologies such as Twitter and Facebook and other outlets through which employees could turn loose company confidential data. But the security of virtual servers and virtualized infrastructures also rank near the top of the list -- and rightly so, according to analysts.
It's not that virtual servers are any less secure than any other server, according to Neil MacDonald, security and infrastructure analyst at Gartner. In many ways virtual machines are more secure than standalone servers, if only because they are more isolated and because they depend on a single host server, which makes the physical security issue much simpler than if each were on a separate piece of hardware, he says.
"Each one of those virtual servers is still its' own separate server, though," MacDonald says. "Each one has its own operating system and configuration that may or may not be according to the standard set by the parent company. And every one of them has to be patched and maintained the same way a non-virtual server does to keep up with potential vulnerabilities; a lot of people forget about that, but it makes the situation a lot more complicated."
It's theoretically possible for hackers to attack the hypervisor layer specifically, or to take over a VM and use it to attack other VMs, according to according to Chris Steffen, principal technical architect at Kroll Factual Data, a credit-reporting and financial-information services agency in Loveland, Colo. But this has never happened "in the wild," so the threat remains theoretical for now. (For more detail on real versus theoretical threats, see CIO.com's How to Find and Fix 10 Real Security Threats on Your Virtual Servers.)
"You could also have a virus aimed at the BIOS chip on your machine, but we don't see too many BIOS viruses, any more," Steffen says.
The biggest problem with VMs, Steffen and MacDonald say, is the potential for IT or security managers to lose control of them simply by not being able to see the risks as they crop up.
The National Security Agency has taken that concern not only to heart, but to software development labs, coming up with a virtual-server management scheme called NetTop that requires a configuration preventing VMs running on the same machine from interfering with one another. It doesn't solve all the potential configuration problems, but it does concentrate all the security processes within a specific technology layer and development process.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
virtualization
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
